smena-pola-i-gay--sex--eto-kruto.duckdns.org Open in urlscan Pro
103.151.111.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pontorez.com/
Effective URL:
https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Submission: On April 03 via manual (April 3rd 2023, 3:00:21 pm UTC) from RU — Scanned from SE

Summary HTTP 51 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 51 HTTP transactions. The main IP is 103.151.111.112, located in Islamabad, Pakistan and belongs to VIRTURY-AS-AP Virtury Cloud Pakistan, PK. The main domain is smena-pola-i-gay--sex--eto-kruto.duckdns.org.
TLS certificate: Issued by R3 on April 1st 2023. Valid for: 3 months.

This is the only time smena-pola-i-gay--sex--eto-kruto.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.112.156.43 185.112.156.43	62214 (RACKFORES...) (RACKFOREST-AS)
14 18	103.151.111.112 103.151.111.112	150315 (VIRTURY-A...) (VIRTURY-AS-AP Virtury Cloud Pakistan)
13	151.101.65.137 151.101.65.137	54113 (FASTLY) (FASTLY)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
3	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
14	5.181.80.165 5.181.80.165	50360 (TAMATIYA-AS) (TAMATIYA-AS)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
51	8

1 185.112.156.43 (Hungary) 1 redirects

ASN62214 (RACKFOREST-AS, HU)

pontorez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 103.151.111.112 (Islamabad, Pakistan) 14 redirects

ASN150315 (VIRTURY-AS-AP Virtury Cloud Pakistan, PK)

arandor.3-a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smena-pola-i-gay--sex--eto-kruto.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.65.137 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 5.181.80.165 (Bulgaria)

ASN50360 (TAMATIYA-AS, BG)
PTR: ip-80-165-bullethost.net

bladerunner.gb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	duckdns.org 13 redirects smena-pola-i-gay--sex--eto-kruto.duckdns.org	25 KB
14	gb.net bladerunner.gb.net	162 KB
13	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2461	38 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	233 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2284	329 B
2	gstatic.com fonts.gstatic.com	16 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	3-a.net 1 redirects arandor.3-a.net	227 B
1	pontorez.com 1 redirects pontorez.com	191 B
51	9

	Domain	Requested by
17	smena-pola-i-gay--sex--eto-kruto.duckdns.org	13 redirects smena-pola-i-gay--sex--eto-kruto.duckdns.org
14	bladerunner.gb.net	smena-pola-i-gay--sex--eto-kruto.duckdns.org
13	res.cloudinary.com	smena-pola-i-gay--sex--eto-kruto.duckdns.org res.cloudinary.com
3	www.googletagmanager.com	smena-pola-i-gay--sex--eto-kruto.duckdns.org www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	smena-pola-i-gay--sex--eto-kruto.duckdns.org
1	arandor.3-a.net	1 redirects
1	pontorez.com	1 redirects
51	9

This site contains links to these domains. Also see Links.

Domain
ipv6-test.com
webmaster.yandex.ru
www.youtube.com
www.understandingwar.org
t.me

Subject Issuer	Validity	Valid
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
smena-pola-i-gay--sex--eto-kruto.duckdns.org R3	`2023-04-01` - `2023-06-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
bladerunner.gb.net R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Frame ID: 1AA5C0FA6FAC27B872975CE98B699839
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Оппозиционный портал Rashkostan.com

Page URL History Show full URLs

http://pontorez.com/ HTTP 301
http://arandor.3-a.net/ HTTP 301
http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/ Page URL
http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml Page URL
https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml Page URL

Detected technologies

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

51
Requests

49 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

473 kB
Transfer

1056 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://ipv6-test.com/validate.php?url=antichekizm.com

Search URL Search Domain Scan URL

URL: https://webmaster.yandex.ru/sqi/?host=pontorez.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ETZzP1DhWXI&t=34m33s
Title: пУТИН — гондон, преступник, кровопийца, жулик и вор, предатель и изменник родины.

Search URL Search Domain Scan URL

URL: https://www.understandingwar.org/
Title: назвал

Search URL Search Domain Scan URL

URL: https://t.me/RKadyrov_95/3446
Title: очередной пост

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@maltsev35/streams
Title: №35

Search URL Search Domain Scan URL

URL: https://t.me/bladerunner04
Title: Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pontorez.com/ HTTP 301
http://arandor.3-a.net/ HTTP 301
http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/ Page URL
http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml Page URL
https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pontorez.com/ HTTP 301
http://arandor.3-a.net/ HTTP 301
http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/

Request Chain 8

http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/z/zasrancy02.thumbnail.jpg HTTP 302
http://bladerunner.gb.net/images/z/zasrancy02.thumbnail.jpg?md5=kPjohfTRBxQbW3TQukpDsg&expires=1680537600

Request Chain 9

http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/v/vladlen-tatarskiy.thumbnail.jpg HTTP 302
http://bladerunner.gb.net/images/v/vladlen-tatarskiy.thumbnail.jpg?md5=iHQ0VJqVKQ8a5bWNaHWYmQ&expires=1680537600

Request Chain 25

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/r/rusnya.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/r/rusnya.thumbnail.jpg?md5=M6fodRG4DTQF0i6ttZTFDA&expires=1680537600

Request Chain 26

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/v/vladlen-tatarskiy.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/v/vladlen-tatarskiy.thumbnail.jpg?md5=iHQ0VJqVKQ8a5bWNaHWYmQ&expires=1680537600

Request Chain 27

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/t/tsibenko.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/t/tsibenko.thumbnail.jpg?md5=_UYZvrFZFoBjtggy6HBSVg&expires=1680537600

Request Chain 28

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/s/shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/s/shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg?md5=Pk83H7oHf5InaifT0RtqtQ&expires=1680537600

Request Chain 29

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/i/information-operation.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/i/information-operation.thumbnail.jpg?md5=ehgBsbF6EQkVs7IKUMTDfA&expires=1680537600

Request Chain 30

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/nuclear-maniac.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/n/nuclear-maniac.thumbnail.jpg?md5=e4rrdHMaSiEO2D2n3I2bDQ&expires=1680537600

Request Chain 31

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/kadyrov2.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/k/kadyrov2.thumbnail.jpg?md5=qDurBUfkW_rP_6XbxFmZVg&expires=1680537600

Request Chain 32

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/nato-nachinaet-voennye-ucheniya.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/n/nato-nachinaet-voennye-ucheniya.thumbnail.jpg?md5=XR8Udcpy4yvkzNospO1WMg&expires=1680537600

Request Chain 33

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/k/kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg?md5=PPMmckgpbeFJCYfUmE1JAw&expires=1680537600

Request Chain 34

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/xi.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/x/xi.thumbnail.jpg?md5=xiQX1dIP2hzYdhILbPqjsw&expires=1680537600

Request Chain 35

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/xi_jinping_and_putin.thumbnail.jpg HTTP 302
https://bladerunner.gb.net/images/x/xi_jinping_and_putin.thumbnail.jpg?md5=3wkSY0Z4vdQI8s4v_QtmsQ&expires=1680537600

Request Chain 36

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/_/footer/zasrancy6.png HTTP 302
https://bladerunner.gb.net/_/footer/zasrancy6.png?md5=WpuTRzmPP7taVeU7Ds7ciQ&expires=1680537600

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
smena-pola-i-gay--sex--eto-kruto.duckdns.org/
Redirect Chain

http://pontorez.com/
http://arandor.3-a.net/
http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/

537 B
569 B

1198ms
486ms

Document
text/html

103.151.111.112
VIRTURY-AS-AP Vir...

General

Check archive.org

Show headers Download Go to

Full URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
Protocol: HTTP/1.1
Server: 103.151.111.112 Islamabad, Pakistan, ASN150315 (VIRTURY-AS-AP Virtury Cloud Pakistan, PK),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Apr 2023 15:00:12 GMT
Server: nginx/1.22.1
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Mon, 03 Apr 2023 15:00:11 GMT
Location: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
Server: nginx/1.22.1

GET
H/1.1 200
OK 1984.ebxml Show response
smena-pola-i-gay--sex--eto-kruto.duckdns.org/ 40 KB
11 KB 667ms
666ms Document
text/html 103.151.111.112
VIRTURY-AS-AP Vir...

General

Check archive.org

Show headers Download Go to

Full URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
Protocol: HTTP/1.1
Server: 103.151.111.112 Islamabad, Pakistan, ASN150315 (VIRTURY-AS-AP Virtury Cloud Pakistan, PK),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: f7b950a77fc133196fff0e0628d03c16f7f0e96e6a86f8b3a1ebfe8551c8524d

Request headers

Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Apr 2023 15:00:13 GMT
Server: nginx/1.22.1
Transfer-Encoding: chunked

GET
H2 200 site_dr4urk.css
res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/ 55 KB
11 KB 110ms
34ms Stylesheet
text/css 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

57bacc99bcf33197caa4fd5b0d4985b64e1e1d020da5012e7c05f206b349d69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:13 GMT
content-encoding: br
strict-transport-security: max-age=604800
last-modified: Tue, 14 Mar 2023 20:31:10 GMT
server: Cloudinary
etag: W/"087bbc2f335aa9a6abf0109f8565913e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=4;cpu=2;start=2023-04-03T15:00:13.685Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 11424

GET
H2 200 css
fonts.googleapis.com/ 2 KB
928 B 183ms
63ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 15:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:27:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 15:00:13 GMT

GET
H2 200 redir-from-http-to-https.js
smena-pola-i-gay--sex--eto-kruto.duckdns.org/_/js/ 129 B
274 B 862ms
477ms Script
application/javascript 103.151.111.112
VIRTURY-AS-AP Vir...

General

Check archive.org

Show headers Download Go to

Full URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/_/js/redir-from-http-to-https.js
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.151.111.112 Islamabad, Pakistan, ASN150315 (VIRTURY-AS-AP Virtury Cloud Pakistan, PK),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:14 GMT
last-modified: Thu, 02 Feb 2023 18:35:53 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "63dc0289-81"
content-length: 129
content-type: application/javascript

GET
H2 200 js_rjqzih.js Show response
res.cloudinary.com/dqpoetpc4/raw/upload/v1675288095/js/ 9 KB
3 KB 34ms
33ms Script
text/javascript 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/dqpoetpc4/raw/upload/v1675288095/js/js_rjqzih.js

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

defc482aa5ea87131e6062dbe2296712cb485bf6ce6f04d9690515adcaa0b658

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:13 GMT
content-encoding: br
strict-transport-security: max-age=604800
last-modified: Wed, 01 Feb 2023 21:48:16 GMT
server: Cloudinary
etag: W/"4267e7f52ea3945006d992bfd15c11eb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=3;cpu=0;start=2023-04-03T15:00:13.794Z;desc=hit,rtt;dur=30
accept-ranges: bytes
timing-allow-origin: *
content-length: 2544

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 193ms
71ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JFYR3S8ZEK

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2f1e3fb3e7c494903dcb5c7132acda36451dfe1776545935d440ab4d733cac5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Apr 2023 15:00:13 GMT

GET
H2 200 sqicounter_qm5ezy.png
res.cloudinary.com/dqpoetpc4/image/upload/v1662566439/assets/ 737 B
999 B 32ms
32ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1662566439/assets/sqicounter_qm5ezy.png

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a35ab6d2cfd8e1cf1b98fa750639fcb90ef9efd25714b795a61a7d49ea18f5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:14 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 16:00:40 GMT
server: Cloudinary
etag: "695e55f88282cd97ce435aa63aecbf53"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=2;cpu=1;start=2023-04-03T15:00:14.134Z;desc=hit,rtt;dur=30
accept-ranges: bytes
timing-allow-origin: *
content-length: 737

GET
H/1.1

200
OK

zasrancy02.thumbnail.jpg
bladerunner.gb.net/images/z/
Redirect Chain

http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/z/zasrancy02.thumbnail.jpg
http://bladerunner.gb.net/images/z/zasrancy02.thumbnail.jpg?md5=kPjohfTRBxQbW3TQukpDsg&expires=1680537600

22 KB
22 KB

239ms
146ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bladerunner.gb.net/images/z/zasrancy02.thumbnail.jpg?md5=kPjohfTRBxQbW3TQukpDsg&expires=1680537600
Protocol: HTTP/1.1
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 15:00:14 GMT
Last-Modified: Sun, 03 Jul 2022 20:09:08 GMT
Server: nginx/1.22.1
ETag: "62c1f764-5610"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22032

Redirect headers

Location: //bladerunner.gb.net/images/z/zasrancy02.thumbnail.jpg?md5=kPjohfTRBxQbW3TQukpDsg&expires=1680537600
Date: Mon, 03 Apr 2023 15:00:14 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx/1.22.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Mon, 03 Apr 2023 16:00:00 GMT

GET

vladlen-tatarskiy.thumbnail.jpg
bladerunner.gb.net/images/v/
Redirect Chain

http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/v/vladlen-tatarskiy.thumbnail.jpg
http://bladerunner.gb.net/images/v/vladlen-tatarskiy.thumbnail.jpg?md5=iHQ0VJqVKQ8a5bWNaHWYmQ&expires=1680537600

0
0

GET tsibenko.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/t/ 0
0

GET shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/s/ 0
0

GET information-operation.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/i/ 0
0

GET nuclear-maniac.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/ 0
0

GET kadyrov2.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/ 0
0

GET nato-nachinaet-voennye-ucheniya.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/ 0
0

GET kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/ 0
0

GET xi.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/ 0
0

GET xi_jinping_and_putin.thumbnail.jpg
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/ 0
0

GET zasrancy6.png
smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/_/footer/ 0
0

GET
H2 200 Primary Request 1984.ebxml Show response
smena-pola-i-gay--sex--eto-kruto.duckdns.org/ 40 KB
10 KB 667ms
666ms Document
text/html 103.151.111.112
VIRTURY-AS-AP Vir...

General

Check archive.org

Show headers Download Go to

Full URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/_/js/redir-from-http-to-https.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.151.111.112 Islamabad, Pakistan, ASN150315 (VIRTURY-AS-AP Virtury Cloud Pakistan, PK),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: a3123322abb7641c6846bf2c933fc73b55f3e50a95e41c081b0cf17f9a16bb09

Request headers

Referer: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 03 Apr 2023 15:00:14 GMT
server: nginx/1.22.1

GET
H2 200 site_dr4urk.css
res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/ 55 KB
11 KB 32ms
31ms Stylesheet
text/css 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

57bacc99bcf33197caa4fd5b0d4985b64e1e1d020da5012e7c05f206b349d69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
content-encoding: br
strict-transport-security: max-age=604800
last-modified: Tue, 14 Mar 2023 20:31:10 GMT
server: Cloudinary
etag: W/"087bbc2f335aa9a6abf0109f8565913e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=1;start=2023-04-03T15:00:15.277Z;desc=hit,rtt;dur=30
accept-ranges: bytes
timing-allow-origin: *
content-length: 11424

GET
H2 200 css
fonts.googleapis.com/ 2 KB
615 B 66ms
65ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:34:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 15:00:15 GMT

GET
H2 200 js_rjqzih.js Show response
res.cloudinary.com/dqpoetpc4/raw/upload/v1675288095/js/ 9 KB
3 KB 32ms
32ms Script
text/javascript 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/dqpoetpc4/raw/upload/v1675288095/js/js_rjqzih.js

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

defc482aa5ea87131e6062dbe2296712cb485bf6ce6f04d9690515adcaa0b658

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
content-encoding: br
strict-transport-security: max-age=604800
last-modified: Wed, 01 Feb 2023 21:48:16 GMT
server: Cloudinary
etag: W/"4267e7f52ea3945006d992bfd15c11eb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=1;start=2023-04-03T15:00:15.312Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 2544

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 80ms
71ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JFYR3S8ZEK

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

647fcd5e84aa925a82879996d8f829bf96e64ce8bd89190e26cfdd46fddfcda2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Apr 2023 15:00:15 GMT

GET
H2 200 sqicounter_qm5ezy.png
res.cloudinary.com/dqpoetpc4/image/upload/v1662566439/assets/ 737 B
825 B 40ms
31ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1662566439/assets/sqicounter_qm5ezy.png

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a35ab6d2cfd8e1cf1b98fa750639fcb90ef9efd25714b795a61a7d49ea18f5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 16:00:40 GMT
server: Cloudinary
etag: "695e55f88282cd97ce435aa63aecbf53"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=1;start=2023-04-03T15:00:15.359Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 737

GET
H2

200

rusnya.thumbnail.jpg
bladerunner.gb.net/images/r/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/r/rusnya.thumbnail.jpg
https://bladerunner.gb.net/images/r/rusnya.thumbnail.jpg?md5=M6fodRG4DTQF0i6ttZTFDA&expires=1680537600

15 KB
15 KB

213ms
213ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/r/rusnya.thumbnail.jpg?md5=M6fodRG4DTQF0i6ttZTFDA&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 6b74cfd1e79ffd15fe13043838725f3c630ccd1d50be2bc31256823d5b2bcd78

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
last-modified: Fri, 03 Jun 2022 14:21:15 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "629a18db-3a9d"
content-length: 15005
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/r/rusnya.thumbnail.jpg?md5=M6fodRG4DTQF0i6ttZTFDA&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

vladlen-tatarskiy.thumbnail.jpg
bladerunner.gb.net/images/v/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/v/vladlen-tatarskiy.thumbnail.jpg
https://bladerunner.gb.net/images/v/vladlen-tatarskiy.thumbnail.jpg?md5=iHQ0VJqVKQ8a5bWNaHWYmQ&expires=1680537600

4 KB
4 KB

287ms
287ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/v/vladlen-tatarskiy.thumbnail.jpg?md5=iHQ0VJqVKQ8a5bWNaHWYmQ&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: f1c6804ebe640e9f1f4a81764932b363faf75570025fc01846a24690dcaf5f54

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:16 GMT
last-modified: Sun, 02 Apr 2023 17:14:56 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "6429b810-f0a"
content-length: 3850
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/v/vladlen-tatarskiy.thumbnail.jpg?md5=iHQ0VJqVKQ8a5bWNaHWYmQ&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

tsibenko.thumbnail.jpg
bladerunner.gb.net/images/t/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/t/tsibenko.thumbnail.jpg
https://bladerunner.gb.net/images/t/tsibenko.thumbnail.jpg?md5=_UYZvrFZFoBjtggy6HBSVg&expires=1680537600

15 KB
15 KB

228ms
227ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/t/tsibenko.thumbnail.jpg?md5=_UYZvrFZFoBjtggy6HBSVg&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: a46a203bda260d9c048e6aa901e2d881ca8e54b849a3068b862b2cb5c8d79156

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:16 GMT
last-modified: Fri, 31 Mar 2023 02:44:14 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "642648fe-3b0c"
content-length: 15116
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/t/tsibenko.thumbnail.jpg?md5=_UYZvrFZFoBjtggy6HBSVg&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg
bladerunner.gb.net/images/s/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/s/shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg
https://bladerunner.gb.net/images/s/shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg?md5=Pk83H7oHf5InaifT0RtqtQ&expires=1680537600

13 KB
13 KB

268ms
268ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/s/shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg?md5=Pk83H7oHf5InaifT0RtqtQ&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 02411d59e7e4ef1d8399d4d6b86dc1b87f4b252598851bec9d11fa8e56132534

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
last-modified: Wed, 29 Mar 2023 20:33:44 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "6424a0a8-3285"
content-length: 12933
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/s/shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg?md5=Pk83H7oHf5InaifT0RtqtQ&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

information-operation.thumbnail.jpg
bladerunner.gb.net/images/i/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/i/information-operation.thumbnail.jpg
https://bladerunner.gb.net/images/i/information-operation.thumbnail.jpg?md5=ehgBsbF6EQkVs7IKUMTDfA&expires=1680537600

10 KB
10 KB

148ms
148ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/i/information-operation.thumbnail.jpg?md5=ehgBsbF6EQkVs7IKUMTDfA&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 099ca50d3788a3133858f626ee4464f08172c8d85c94b1eb5f9967fc095314d5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
last-modified: Sun, 26 Mar 2023 18:27:53 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "64208ea9-2605"
content-length: 9733
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/i/information-operation.thumbnail.jpg?md5=ehgBsbF6EQkVs7IKUMTDfA&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

nuclear-maniac.thumbnail.jpg
bladerunner.gb.net/images/n/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/nuclear-maniac.thumbnail.jpg
https://bladerunner.gb.net/images/n/nuclear-maniac.thumbnail.jpg?md5=e4rrdHMaSiEO2D2n3I2bDQ&expires=1680537600

4 KB
4 KB

246ms
246ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/n/nuclear-maniac.thumbnail.jpg?md5=e4rrdHMaSiEO2D2n3I2bDQ&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 19b1aa5eccbd1bc5e7d3d2479937df57dff1d7cbc61b8e27bb700bdfacd0ee13

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:16 GMT
last-modified: Sun, 26 Mar 2023 18:23:42 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "64208dae-f6a"
content-length: 3946
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/n/nuclear-maniac.thumbnail.jpg?md5=e4rrdHMaSiEO2D2n3I2bDQ&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

kadyrov2.thumbnail.jpg
bladerunner.gb.net/images/k/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/kadyrov2.thumbnail.jpg
https://bladerunner.gb.net/images/k/kadyrov2.thumbnail.jpg?md5=qDurBUfkW_rP_6XbxFmZVg&expires=1680537600

6 KB
6 KB

203ms
203ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/k/kadyrov2.thumbnail.jpg?md5=qDurBUfkW_rP_6XbxFmZVg&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 46b1a758063dde2c42f3aa6746bb81b776109ebacf928fded0c6873ff97fb56a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
last-modified: Sat, 25 Mar 2023 16:38:31 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "641f2387-17c4"
content-length: 6084
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/k/kadyrov2.thumbnail.jpg?md5=qDurBUfkW_rP_6XbxFmZVg&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

nato-nachinaet-voennye-ucheniya.thumbnail.jpg
bladerunner.gb.net/images/n/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/nato-nachinaet-voennye-ucheniya.thumbnail.jpg
https://bladerunner.gb.net/images/n/nato-nachinaet-voennye-ucheniya.thumbnail.jpg?md5=XR8Udcpy4yvkzNospO1WMg&expires=1680537600

6 KB
6 KB

223ms
222ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/n/nato-nachinaet-voennye-ucheniya.thumbnail.jpg?md5=XR8Udcpy4yvkzNospO1WMg&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 97cc3533d5285b47983d3336fe28658bd2697406b7357ebfc69a70879ccbc895

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:16 GMT
last-modified: Sat, 25 Mar 2023 16:31:09 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "641f21cd-1672"
content-length: 5746
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/n/nato-nachinaet-voennye-ucheniya.thumbnail.jpg?md5=XR8Udcpy4yvkzNospO1WMg&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg
bladerunner.gb.net/images/k/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg
https://bladerunner.gb.net/images/k/kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg?md5=PPMmckgpbeFJCYfUmE1JAw&expires=1680537600

24 KB
24 KB

238ms
238ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/k/kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg?md5=PPMmckgpbeFJCYfUmE1JAw&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 6d82b7f5850c568d06dc41b6a46b114f167f16205498a65fc142999c09dc19d6

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:16 GMT
last-modified: Wed, 22 Mar 2023 13:31:16 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "641b0324-60bf"
content-length: 24767
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/k/kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg?md5=PPMmckgpbeFJCYfUmE1JAw&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

xi.thumbnail.jpg
bladerunner.gb.net/images/x/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/xi.thumbnail.jpg
https://bladerunner.gb.net/images/x/xi.thumbnail.jpg?md5=xiQX1dIP2hzYdhILbPqjsw&expires=1680537600

6 KB
7 KB

256ms
255ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/x/xi.thumbnail.jpg?md5=xiQX1dIP2hzYdhILbPqjsw&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 7bc80e9fca30720f0cd030eac6c02f862fb8ebd2d9949be655b19e03b4980037

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
last-modified: Wed, 22 Mar 2023 13:23:57 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "641b016d-19e2"
content-length: 6626
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/x/xi.thumbnail.jpg?md5=xiQX1dIP2hzYdhILbPqjsw&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

xi_jinping_and_putin.thumbnail.jpg
bladerunner.gb.net/images/x/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/xi_jinping_and_putin.thumbnail.jpg
https://bladerunner.gb.net/images/x/xi_jinping_and_putin.thumbnail.jpg?md5=3wkSY0Z4vdQI8s4v_QtmsQ&expires=1680537600

13 KB
13 KB

170ms
169ms

Image
image/jpeg

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/images/x/xi_jinping_and_putin.thumbnail.jpg?md5=3wkSY0Z4vdQI8s4v_QtmsQ&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: bdb16d84baaf1d75c69a447a433ddc301afeb01f5520bd7784a3f3ab2fcbbf3a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:16 GMT
last-modified: Tue, 21 Mar 2023 21:14:23 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "641a1e2f-3466"
content-length: 13414
content-type: image/jpeg

Redirect headers

location: //bladerunner.gb.net/images/x/xi_jinping_and_putin.thumbnail.jpg?md5=3wkSY0Z4vdQI8s4v_QtmsQ&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2

200

zasrancy6.png
bladerunner.gb.net/_/footer/
Redirect Chain

https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/_/footer/zasrancy6.png
https://bladerunner.gb.net/_/footer/zasrancy6.png?md5=WpuTRzmPP7taVeU7Ds7ciQ&expires=1680537600

24 KB
24 KB

180ms
180ms

Image
image/png

5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/_/footer/zasrancy6.png?md5=WpuTRzmPP7taVeU7Ds7ciQ&expires=1680537600
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 5ad58e2411619225da0cb8b6da814d4c4f85d74df982104f39b9374010585f86

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:16 GMT
last-modified: Mon, 13 Feb 2023 17:05:15 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "63ea6dcb-5e4f"
content-length: 24143
content-type: image/png

Redirect headers

location: //bladerunner.gb.net/_/footer/zasrancy6.png?md5=WpuTRzmPP7taVeU7Ds7ciQ&expires=1680537600
date: Mon, 03 Apr 2023 15:00:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.22.1
expires: Mon, 03 Apr 2023 16:00:00 GMT

GET
H2 200 button-ipv6-small_ijejht.png
res.cloudinary.com/dqpoetpc4/image/upload/v1675290166/assets/ 3 KB
3 KB 51ms
49ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1675290166/assets/button-ipv6-small_ijejht.png

Requested by

Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f3ec7a6d3050ae752377444a289b1d79366948aa2449d384ef1b6386568e27ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 22:22:47 GMT
server: Cloudinary
etag: "2aca8ec77688353f363f0b5d22e6b0a4"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=19;cpu=0;start=2023-04-03T15:00:15.360Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 2643

GET
H2 200 bg-navigation_uqviua.png
res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/ 98 B
240 B 33ms
32ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/bg-navigation_uqviua.png

Requested by

Host: res.cloudinary.com
URL: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3af4aa507bfc5c2131be97c4f7d772b41646ed00ccddf178d1354c76bfcbda40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 00:00:33 GMT
server: Cloudinary
etag: "caeed14e1ce5d823b4f8fe178433d6c5"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=1;cpu=0;start=2023-04-03T15:00:15.366Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 98

GET
H2 200 body_wv93ov.png
res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/ 214 B
335 B 34ms
33ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/body_wv93ov.png

Requested by

Host: res.cloudinary.com
URL: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

44b4a033cdc6570412b7527959b5f0eb3d6089841eeba91261a47511f748f6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 00:00:33 GMT
server: Cloudinary
etag: "f534e9766e607fd4e3fb09fcdac508d7"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=2;cpu=0;start=2023-04-03T15:00:15.366Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 214

GET
H2 200 bg-navigation-item_i51gws.png
res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/ 475 B
539 B 33ms
32ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/bg-navigation-item_i51gws.png

Requested by

Host: res.cloudinary.com
URL: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7381726b06fe99a821a1dee9ac136c60a8b5e43153775f45da49a6944a5f5e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 00:00:33 GMT
server: Cloudinary
etag: "d5fac10d9e79a6dc515ce359040394dd"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=1;cpu=0;start=2023-04-03T15:00:15.366Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 475

GET
H2 200 bg-content_inazu2.png
res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/ 244 B
365 B 33ms
31ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/bg-content_inazu2.png

Requested by

Host: res.cloudinary.com
URL: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4773d5021d6f42c5ddfdbfec0387facf849b57139f909db853603f26f428b9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 00:00:33 GMT
server: Cloudinary
etag: "0b8f79a3bcee3a6b44b85b3e099ae7a7"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=1;cpu=0;start=2023-04-03T15:00:15.367Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 244

GET
H2 200 bg-content-right_huytno.png
res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/ 2 KB
2 KB 34ms
32ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/bg-content-right_huytno.png

Requested by

Host: res.cloudinary.com
URL: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

84ca417c8d55556f6753a2527d7a06613897a4792bb2f2fa1145c741d83d3734

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 00:00:33 GMT
server: Cloudinary
etag: "bd6e66615c1366c2dd4fdcaf83990408"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=2;cpu=0;start=2023-04-03T15:00:15.369Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 1958

GET
H2 200 bg-content-left_eg0swf.png
res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/ 2 KB
2 KB 33ms
31ms Image
image/png 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dqpoetpc4/image/upload/v1583107232/garland/bg-content-left_eg0swf.png

Requested by

Host: res.cloudinary.com
URL: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5269dad88965728410890c6981fb49565640e34bc57ea71e4f17ce82574aa3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://res.cloudinary.com/dqpoetpc4/raw/upload/v1678825869/css/site_dr4urk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 00:00:33 GMT
server: Cloudinary
etag: "1e90d6cb89d4203f944fc4487edaccc8"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=1;cpu=0;start=2023-04-03T15:00:15.369Z;desc=hit,rtt;dur=29
accept-ranges: bytes
timing-allow-origin: *
content-length: 2068

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 179ms
59ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:47 GMT
x-content-type-options: nosniff
age: 534508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:47 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUJiZTaR.woff2
fonts.gstatic.com/s/oswald/v49/ 6 KB
6 KB 142ms
56ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUJiZTaR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

2eea6522648a0efe79473ddf2b6d98680b4abb1933cbb7377ab62e16b0d99ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:44:40 GMT
x-content-type-options: nosniff
age: 530135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5804
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:16:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 11:44:40 GMT

GET
H2 200 background.gif
bladerunner.gb.net/img/ 43 B
196 B 315ms
159ms Image
image/gif 5.181.80.165
TAMATIYA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bladerunner.gb.net/img/background.gif?url=https%3A//smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml&referer=http%3A//smena-pola-i-gay--sex--eto-kruto.duckdns.org/
Requested by: Host: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/1984.ebxml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.181.80.165 , Bulgaria, ASN50360 (TAMATIYA-AS, BG),
Reverse DNS: ip-80-165-bullethost.net
Software: nginx/1.22.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 15:00:15 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server: nginx/1.22.1
content-type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 72ms
71ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JE1CF92ZFD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JFYR3S8ZEK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1bf9cc453ca1a26069e4127f4f8d8e6ba99d9f6d03911ffd2bee1f7bdf626af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:00:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Apr 2023 15:00:15 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
275 B 111ms
38ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JFYR3S8ZEK&gtm=45je33t0&_p=1386889358&cid=1809256415.1680534015&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680534015&sct=1&seg=0&dl=https%3A%2F%2Fsmena-pola-i-gay--sex--eto-kruto.duckdns.org%2F1984.ebxml&dr=http%3A%2F%2Fsmena-pola-i-gay--sex--eto-kruto.duckdns.org%2F&dt=%D0%9E%D0%BF%D0%BF%D0%BE%D0%B7%D0%B8%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Rashkostan.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JFYR3S8ZEK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 15:00:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 40ms
39ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JE1CF92ZFD&gtm=45je33t0&_p=1386889358&cid=1809256415.1680534015&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680534015&sct=1&seg=0&dl=https%3A%2F%2Fsmena-pola-i-gay--sex--eto-kruto.duckdns.org%2F1984.ebxml&dr=http%3A%2F%2Fsmena-pola-i-gay--sex--eto-kruto.duckdns.org%2F&dt=%D0%9E%D0%BF%D0%BF%D0%BE%D0%B7%D0%B8%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Rashkostan.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JE1CF92ZFD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 15:00:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://smena-pola-i-gay--sex--eto-kruto.duckdns.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bladerunner.gb.net
URL: http://bladerunner.gb.net/images/v/vladlen-tatarskiy.thumbnail.jpg?md5=iHQ0VJqVKQ8a5bWNaHWYmQ&expires=1680537600

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/t/tsibenko.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/s/shkolnikov-privlekut-k-prinuditelnomu-trudu.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/i/information-operation.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/nuclear-maniac.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/kadyrov2.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/n/nato-nachinaet-voennye-ucheniya.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/k/kadyrov-soobschil-o-novom-nabore-dobrovolcev.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/xi.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/images/x/xi_jinping_and_putin.thumbnail.jpg

Domain: smena-pola-i-gay--sex--eto-kruto.duckdns.org
URL: http://smena-pola-i-gay--sex--eto-kruto.duckdns.org/get/20221020-1125/_/footer/zasrancy6.png

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
smena-pola-i-gay--sex--eto-kruto.duckdns.org/	1969-12-31 23:59:59	Name: _csrf Value: 968b529a8c9f1947c79fb96dc344ca9fdc1ae7983a70170d9b11731440366ca5a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22WoJodqsIqDHrHnX8ElfuZa_FDUtd7XpZ%22%3B%7D
.smena-pola-i-gay--sex--eto-kruto.duckdns.org/	1970-01-20 20:24:54	Name: _ga_JFYR3S8ZEK Value: GS1.1.1680534015.1.0.1680534015.0.0.0
.smena-pola-i-gay--sex--eto-kruto.duckdns.org/	1970-01-20 20:24:54	Name: _ga Value: GA1.1.1809256415.1680534015
.smena-pola-i-gay--sex--eto-kruto.duckdns.org/	1970-01-20 20:24:54	Name: _ga_JE1CF92ZFD Value: GS1.1.1680534015.1.0.1680534015.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arandor.3-a.net
bladerunner.gb.net
fonts.googleapis.com
fonts.gstatic.com
pontorez.com
region1.google-analytics.com
res.cloudinary.com
smena-pola-i-gay--sex--eto-kruto.duckdns.org
www.googletagmanager.com
bladerunner.gb.net
smena-pola-i-gay--sex--eto-kruto.duckdns.org
103.151.111.112
142.250.185.227
142.250.185.234
142.250.185.72
151.101.65.137
185.112.156.43
216.239.34.36
5.181.80.165
02411d59e7e4ef1d8399d4d6b86dc1b87f4b252598851bec9d11fa8e56132534
074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5
099ca50d3788a3133858f626ee4464f08172c8d85c94b1eb5f9967fc095314d5
19b1aa5eccbd1bc5e7d3d2479937df57dff1d7cbc61b8e27bb700bdfacd0ee13
1bf9cc453ca1a26069e4127f4f8d8e6ba99d9f6d03911ffd2bee1f7bdf626af7
2eea6522648a0efe79473ddf2b6d98680b4abb1933cbb7377ab62e16b0d99ec3
2f1e3fb3e7c494903dcb5c7132acda36451dfe1776545935d440ab4d733cac5e
3af4aa507bfc5c2131be97c4f7d772b41646ed00ccddf178d1354c76bfcbda40
44b4a033cdc6570412b7527959b5f0eb3d6089841eeba91261a47511f748f6ff
46b1a758063dde2c42f3aa6746bb81b776109ebacf928fded0c6873ff97fb56a
4773d5021d6f42c5ddfdbfec0387facf849b57139f909db853603f26f428b9c6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5269dad88965728410890c6981fb49565640e34bc57ea71e4f17ce82574aa3b5
57bacc99bcf33197caa4fd5b0d4985b64e1e1d020da5012e7c05f206b349d69a
5ad58e2411619225da0cb8b6da814d4c4f85d74df982104f39b9374010585f86
647fcd5e84aa925a82879996d8f829bf96e64ce8bd89190e26cfdd46fddfcda2
6b74cfd1e79ffd15fe13043838725f3c630ccd1d50be2bc31256823d5b2bcd78
6d82b7f5850c568d06dc41b6a46b114f167f16205498a65fc142999c09dc19d6
7381726b06fe99a821a1dee9ac136c60a8b5e43153775f45da49a6944a5f5e86
7bc80e9fca30720f0cd030eac6c02f862fb8ebd2d9949be655b19e03b4980037
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
84ca417c8d55556f6753a2527d7a06613897a4792bb2f2fa1145c741d83d3734
97cc3533d5285b47983d3336fe28658bd2697406b7357ebfc69a70879ccbc895
a3123322abb7641c6846bf2c933fc73b55f3e50a95e41c081b0cf17f9a16bb09
a35ab6d2cfd8e1cf1b98fa750639fcb90ef9efd25714b795a61a7d49ea18f5d1
a46a203bda260d9c048e6aa901e2d881ca8e54b849a3068b862b2cb5c8d79156
bdb16d84baaf1d75c69a447a433ddc301afeb01f5520bd7784a3f3ab2fcbbf3a
defc482aa5ea87131e6062dbe2296712cb485bf6ce6f04d9690515adcaa0b658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1c6804ebe640e9f1f4a81764932b363faf75570025fc01846a24690dcaf5f54
f3ec7a6d3050ae752377444a289b1d79366948aa2449d384ef1b6386568e27ef
f7b950a77fc133196fff0e0628d03c16f7f0e96e6a86f8b3a1ebfe8551c8524d

smena-pola-i-gay--sex--eto-kruto.duckdns.org Open in urlscan Pro 103.151.111.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

49 %HTTPS

0 %IPv6

9 Domains

9 Subdomains

8 IPs

4 Countries

473 kBTransfer

1056 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

smena-pola-i-gay--sex--eto-kruto.duckdns.org Open in urlscan Pro
103.151.111.112 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

49 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

473 kB
Transfer

1056 kB
Size

4
Cookies

51 HTTP transactions
0 data transactions