totalbeststories.com Open in urlscan Pro
172.64.137.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aitsouty.top/dating-survey.html?offer_id=2061
Effective URL:
https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhn...
Submission: On December 20 via api (December 20th 2023, 3:34:51 pm UTC) from US — Scanned from NL

Summary HTTP 99 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 99 HTTP transactions. The main IP is 172.64.137.7, located in and belongs to . The main domain is totalbeststories.com.
TLS certificate: Issued by E1 on November 3rd 2023. Valid for: 3 months.

This is the only time totalbeststories.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 19	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
7	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
12	139.45.197.248 139.45.197.248	9002 (RETN-AS) (RETN-AS)
1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
2	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
13	172.64.137.7 172.64.137.7	() ()
2	2606:4700:10:... 2606:4700:10::6816:1974	() ()
99	10

43 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aitsouty.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechonert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.248 (United Kingdom)

ASN9002 (RETN-AS, GB)

dortmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

offpichuan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

laugoust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.64.137.7 (None, )

ASN- ()

totalbeststories.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1974 (None, )

ASN- ()

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	aitsouty.top 1 redirects aitsouty.top	386 KB
16	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	4 KB
13	totalbeststories.com totalbeststories.com	58 KB
12	dortmark.net dortmark.net — Cisco Umbrella Rank: 60713	657 B
7	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	4 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	71 KB
2	littlecdn.com littlecdn.com	3 KB
2	laugoust.com laugoust.com — Cisco Umbrella Rank: 62273	690 B
1	datatechone.com datatechone.com	465 B
1	offpichuan.com offpichuan.com — Cisco Umbrella Rank: 59545	1 KB
1	datatechonert.com datatechonert.com — Cisco Umbrella Rank: 31161	482 B
99	11

	Domain	Requested by
43	aitsouty.top	1 redirects aitsouty.top
16	mc.yandex.com	3 redirects aitsouty.top mc.yandex.ru
13	totalbeststories.com	totalbeststories.com
12	dortmark.net	aitsouty.top
7	my.rtmark.net	aitsouty.top totalbeststories.com
3	mc.yandex.ru	1 redirects aitsouty.top
2	littlecdn.com	totalbeststories.com
2	laugoust.com	aitsouty.top
1	datatechone.com	aitsouty.top
1	offpichuan.com	aitsouty.top
1	datatechonert.com	aitsouty.top
99	11

This site contains links to these domains. Also see Links.

Domain
vuolobnhqb.com

Subject Issuer	Validity	Valid
aitsouty.top GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
datatechonert.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
dortmark.net R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
offpichuan.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
laugoust.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
totalbeststories.com E1	`2023-11-03` - `2024-02-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
Frame ID: 2E1A7B643E1268C3ED157F45DB84C7F3
Requests: 94 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Love Test <3

Page URL History Show full URLs

https://aitsouty.top/dating-survey.html?offer_id=2061 Page URL
https://aitsouty.top/cndi4858vmefovl/5473348/?var=&ymid=&rhd=1&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa... Page URL
https://aitsouty.top/rhd?z=5473348&syncedCookie=false&rhd=true HTTP 302
https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b... Page URL
https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b... Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

99
Requests

95 %
HTTPS

22 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

526 kB
Transfer

1189 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vuolobnhqb.com/4180207/?var=null&ymid=null

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aitsouty.top/dating-survey.html?offer_id=2061 Page URL
https://aitsouty.top/cndi4858vmefovl/5473348/?var=&ymid=&rhd=1&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&usid=18c87dd0d3350dc145bb2e7 Page URL
https://aitsouty.top/rhd?z=5473348&syncedCookie=false&rhd=true HTTP 302
https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348 Page URL
https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10223.c3l8WfHxhzqn2eujTN4ksfSbNTin41-p7CH9t9VZmiO3f0J5CW7CgNdD1JgmUAk_.HQrOq5xIqFbuDyy5TFmQ6Ln1-_c%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10223.LyDQ-fUfZCknDACDuJnsk424RFiMAVm6ncM14bA2Mhw101AWa0HRcpPIK2vnJHmV03Yu86tTOkHI5ApnYwhqqW9o12iJTezx3aFNCkIs-4zdUAJqwsdcoGmkF-khnt0jZSYI4rqjeYt45wlnb8VMHwzzkRpfitZyLRo9j7meiX0CIW630-dY2pVxhIAlIsjjmsTOehOd9569RB5X-sWsgC1ISpKUNUcC5_BK4n3wkx0%2C.upgG-W1z6CocvojjC5aA61ARkjI%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10223.yQa70hRG6oLSIRvyWBAfhMwbKsNby499ONWTxepcI_gt4QzHNwp_gMfzovrfA90sfvPW_0vWUSULeQLiPgu4atJjJOLRtx_TzWFr0cRB6b1kEB75tZruCKLNpzCVm_ucP7GnRc4-aTm0IROBdT6dQJb-Ila3bWRIWHww1ieY1VMhXel8Ubbqozd3KjgcFk2dFA3H8OEeQJHtivpFFOOttA%2C%2C.W-2dalvpJvqecQasZ8zuqvtqdyU%2C

Request Chain 58

https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A237%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A816152493%3Arqn%3A1%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C57%2C43%2C1%2C%2C0%2C%2C56%2C1%2C%2C%2C%2C269%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A237%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A816152493%3Arqn%3A1%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C57%2C43%2C1%2C%2C0%2C%2C56%2C1%2C%2C%2C%2C269%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29mc%28g-8%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 79

https://aitsouty.top/rhd?z=5473348&syncedCookie=false&rhd=true HTTP 302
https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348

99 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 dating-survey.html Show response
aitsouty.top/ 12 KB
4 KB 121ms
43ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

974bdaee19cda4823c4d108deecb61f18b6183225e5b3f9b5163247d1ee25bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8388f2e76ab36694-AMS
content-encoding: br
content-type: text/html
date: Wed, 20 Dec 2023 15:34:20 GMT
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDwRescRBIFRhfQvwwQzmhHMvITAN74tBh%2Fu8E2Km%2BeZg6YD56arC4Tp%2BKnGgl0HDOvn3UcASdgYlGpigdp0fVsFXcKOU5M181reR7vA5k25WpHZAT5wFd7w9xJliOc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 _prefetcher.c676a135.js Show response
aitsouty.top/js/ 3 KB
2 KB 35ms
34ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/_prefetcher.c676a135.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

825d675f691af874b7c6c902c810151b2389cf3756f81213c10e6e9c617051fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-cdd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BWqs4%2Fdc36ZHZHwvpKDs%2F2SXzTRjsmKewiUH22NVRxKZj0u6KjeN1J%2FKnnWj59R9D9zwVlhOxYFuUQdl29qjSZqkBBmudin7P%2FNTbdGFnXAlog3iNdwxNB3%2FAEDAzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7bb316694-AMS

GET
H2 200 _rtc.d4f57c31.js Show response
aitsouty.top/js/ 12 KB
5 KB 36ms
35ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/_rtc.d4f57c31.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8887765d153d7c53e7a10bc4588e94a98e453672264c0b0b31fccec090e4380c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:31 GMT
server: cloudflare
etag: W/"6582e0fb-2fbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWiLx1HUo9JbTijHXUexXVNWTFlXjw1o9M%2BXkcmo9sx%2FOeUwnVVOY%2F8N0gwwL1SyWr4xpMtTfAkC7fb695wKUwhZnw69ZDPEuwrVLiUj7qn5mpmEdT%2FgwBtGqS0Bd9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7bb336694-AMS

GET
H2 200 v-index.js.ff87eeae.js Show response
aitsouty.top/js/ 40 KB
14 KB 60ms
57ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-index.js.ff87eeae.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280dc7edff92d7a2d69167e2d12212c7161277a8fe06cd8c4c18e148e7a2bb96

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
cf-polished: origSize=40988
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: W/"6582e0fa-a01c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJvSu6FeJ5%2FR6aRCbXMLQxuWYwsxofr7fuiobGnX3bnyUpBPukEwhC59KeHOcaLzALIq9D7A459WRA3%2FaoyERnB6B9j9WlWf4vR8tBRCDTh2X5PSEbEWMHeTy41sFv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db5d6694-AMS

GET
H2 200 s-storageService.js.f1a53ebb.js Show response
aitsouty.top/js/ 2 KB
1 KB 42ms
39ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/s-storageService.js.f1a53ebb.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2888ed1b353d3d0b539aa294c4f8e6e591c291923193780608b10e324c5696f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-87a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nY7AO8wvIWQCr604A6E2xqwnX%2B%2FA9YrYtI6g6AoAUjWM2ZeDcf79PjnJgwi8GgfYhlY2h2CaMBotoI66xwlPpbkngi0HUFNKkvfHecLexEVaoViYhp9lz%2BmTD138Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db626694-AMS

GET
H2 200 s-checkSessionStorageAvailable.ts.d364e28d.js Show response
aitsouty.top/js/ 330 B
541 B 39ms
36ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/s-checkSessionStorageAvailable.ts.d364e28d.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3984488b76f1aabe956510bb957aa2430991ea6a5f04b2b6b6fbb1933de32810

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: W/"6582e0fa-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMiu8lQw6X%2B%2BSDCDMvUjNS9697z%2FaAqZBjP6Fp6E%2BMI2yX3I4JpFwCz3TKKDuO%2BmnPkgT0y7%2FTUCobElmkTPuW25QSmYBy6WeAiZ46oddO2WQ026s6NlchTGn3Hqr5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db636694-AMS

GET
H2 200 s-checkLocalStorageAvailable.ts.b4edc661.js Show response
aitsouty.top/js/ 330 B
491 B 41ms
38ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/s-checkLocalStorageAvailable.ts.b4edc661.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18d7b29a36802e9af78ba61e7d1f4c8677cb223dbedd876675d2acf8cd996e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QzjsZc62bO3T7rpaFW0Sk%2FrX70vCP%2BbgKPOUVK31jAAGitihvFxe6I83WAXFR8WdMbOWFYxaOrH9ANaAc%2BpEH9A76Gkb6VRaTTS0a8FB1wMjAwYFjNz89P%2F%2FWaBg3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db646694-AMS

GET
H2 200 v-redux-toolkit.esm.js.b780b026.js Show response
aitsouty.top/js/ 11 KB
4 KB 39ms
37ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-redux-toolkit.esm.js.b780b026.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b916ae417684f745d75c6ea3fdb3ed33c0c9947bdea5dd7a0684b22f295e277

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-2c37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpeMpnvM%2BfrT7XZBlGXwZqG1m4R6ep6ymHqvtvjNLIPUkPNghv%2F2%2F1pSZ7mfBBh0yN9ZyU8nMmDgQIOl81OQ9NzBSJe5fsGy6%2FWvaN9Vfg236eDnVwWeaOwygcmU9KA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db656694-AMS

GET
H2 200 _each-land-config.41c98b0f.js Show response
aitsouty.top/js/ 70 KB
21 KB 67ms
64ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/_each-land-config.41c98b0f.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1805153589e310caaa895675a41913e8b2a7d871312cace64c8a5a0fb29c18bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121
cf-polished: origSize=71793
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-11871"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e3E4dKpmWIMhXZZ10OE5SuJNCgHDhZXUFaKULg%2BGSsTCWYVvrfDVDvoKClMtPoU71mAJVMrBpR%2BNNUEqZHvBtTgfwYjp9IWBug4L8rYeRKYysQxBFux734jc8%2FYIsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db666694-AMS

GET
H2 200 v-react-dom.production.min.js.76e7579b.js Show response
aitsouty.top/js/ 126 KB
41 KB 61ms
59ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-react-dom.production.min.js.76e7579b.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b97b722ee3c27befbc77104bdc8874e02f611a07ba285c1d21d60df8f4a116

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121
cf-polished: origSize=129359
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-1f94f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1GvR6WyuO7PF7eca629n7HV97y2%2BUlcA2pMD%2B%2F0LlYMMWl3btXRvfNaHdH1DLVbAG3oGl4FUnRyzGF%2B6jLlWvJYUuwuCB0wtoMfCbeXzOuSpssEpENdmCRA05wxH8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db686694-AMS

GET
H2 200 _core-survey.2c33caf6.js Show response
aitsouty.top/js/ 165 KB
44 KB 65ms
64ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/_core-survey.2c33caf6.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f99524def2124017f16297189c6e9368a5c88258aa694001948366c75dfc0c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121
cf-polished: origSize=169080
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:31 GMT
server: cloudflare
etag: W/"6582e0fb-29478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxUHjUEh4OCxSEWMIpcIM5JSkGqlwCAg5RMKzUwcqRRSDrkmWyyQZSSVTLe7GTjCWfi3k1AW04jNhELZ%2BDYb5%2F2sIZfHS%2FAoFUad%2FomVdjmMEUTA9YcILxdgoPLQ45U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db696694-AMS

GET
H2 200 survey-dating.fba0f3be.js Show response
aitsouty.top/js/ 10 KB
4 KB 61ms
59ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/survey-dating.fba0f3be.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ccdf0f1823302bdb00e1051e36a19b3acf6552eb68682ce68f41d60c05eab60

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5920
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-29bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNageDHhSu2n75FwOKQcj1Vi6ZwVC7zvBDAAQZ7xPyLLw0APqGyunS1yvfEMbX2WNv6XdsHYUloIO6r1WZkCcOvUCmmaYZYwAVxGqyBVgmwXeYkATz%2BPEhEZOBKKa2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7db6a6694-AMS

GET
H2 200 _core-survey.d3ac2ee0.css
aitsouty.top/css/ 83 B
405 B 35ms
34ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/css/_core-survey.d3ac2ee0.css

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139
cf-polished: origSize=84
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: W/"6582e0fa-54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlxJjPn41YdEk9XZZtwuBvcIpzTiZx9Mp8lq6amkQB1Vz5K730CKCZP2VPHyKt9D3SowMyZaLuZMf%2BT%2BYzlnKUZaxFHuWwoji9KRht0gLP5gg%2BqWMQzPT99x8BWixfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 8388f2e7bb346694-AMS

GET
H2 200 survey-dating.77b63812.css
aitsouty.top/css/ 27 KB
6 KB 43ms
42ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/css/survey-dating.77b63812.css

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a9d47b3f153990f65d7c83331b1a49c0a0b2bf0c17c1444bb6416e73669624

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 20 Dec 2023 12:41:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"6582e0fb-6c95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhdbFpcue24BCSMcx6NSJvjbggoq8m82hJ%2FAwCaoUZP6Wgtr5kGK7%2FInuAn7LJfwsZs2zZSv%2Bt1POAL1cjHGEqoYxE2eByXXtl6NBGpFSL6E2CcD%2BoPv9wPqvV5xfco%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 8388f2e7bb356694-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jessica.webp
aitsouty.top/img/dating/ 20 KB
20 KB 37ms
37ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/jessica.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9d561a628dfa01b112d7ab632da73d2270de5fae7549cc196ed0112fbbb9ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 20200
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-4ee8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrmWHuYRi3ZE8iT1MdUJsROW%2B59VBLdYzkARLdIZntCpkCdA8SM1dJXhJnfuRsnPkz0o%2FE60XXsEGRZlgMLGtF%2BLZ9aH%2B%2FYnNY8drklr%2BD6lFAlhjBdU9sAZ4EjHsxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7bb376694-AMS

GET
H2 200 location.png
aitsouty.top/img/dating/ 1 KB
2 KB 36ms
36ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/location.png

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4d3c81874840a43119f58352787b0091a22499ad67694a1c4f531f0b47203e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 1517
last-modified: Wed, 20 Dec 2023 12:41:31 GMT
server: cloudflare
etag: "6582e0fb-5ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAs0IYkves1gs05HQ%2BVChi5ftfzTpNThcnl6danNWMJXYEeQewnJEbQcJu3gRIGbLFjE6jbH1hveR2pOSgrXwiojMuE5h6J%2FAJAnjYCYJD5jbhCcjw%2FgQzG5dLd%2FhXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7bb396694-AMS

GET
H2 200 anna.webp
aitsouty.top/img/dating/ 14 KB
14 KB 36ms
33ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/anna.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6fc298a9e5ceb3e5533137e2439179adc97db2278cdf2c07baac25e711bab27

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 13976
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-3698"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMrEOaAFaOeYxI8QL8v56dYuca3G7m4Y4hzE8vGSjSmD%2Fn3fSdbZJC21fs6mH1YPJQqcyDCgSxmpMD704ZVDhlQ%2FD9r72T1UngLY%2BJIH9HCY0GbAvHs0dGeWt%2BA%2F%2FMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7db5a6694-AMS

GET
H2 200 milana.webp
aitsouty.top/img/dating/ 8 KB
9 KB 38ms
35ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/milana.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d47c3085088b0964867de396473c6552befe6f13ad3946718f76f7ff8a781b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 8522
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-214a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIFsJ2eZ5PFPp%2FUq6VWN%2B49kfF9QUxLcSjMv8dfGnDwDjP1IMIJ%2B9UPnzWZwAOi8wHTC0KKYkUFIv0Exmnv07Su%2FM3JnjQRKk%2B2hLqGwRXBpssp%2BG8jCkICu32EfE%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7db5b6694-AMS

GET
H2 200 adriana.webp
aitsouty.top/img/dating/ 10 KB
11 KB 59ms
58ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/adriana.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5800f01a47e4c9266b23e3c9bc9d1cba7ca6a7860405d70bbe67c47bcea2cec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5920
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-2918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DolEuayL%2BfYKt47icSphW%2BCen4zDHFy8BNDsSk67zp%2F6K%2FIC9nyzKxF5sf6WWrATa%2FyCSI5nKz6gnSdPQF0DMVWSBsS5R3n0xMUDFYb5zjdj%2BleJhV3mJAdtMr864UY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7db6b6694-AMS

GET
H2 200 jayden.webp
aitsouty.top/img/dating/ 5 KB
5 KB 60ms
58ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/jayden.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab7205c68dd0cc636ba0be7046e43f266c131cd8725cc9857b7bb801f3113c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 4912
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-1330"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tATPAR6bnr%2F%2B7vtDxkd1P%2FszgZMHKmN9TJZ7jSERtxWAraThyZDXDIf0n2bN0qghcYDZyWMCVWDqlDxZgkVAegy93DvR%2BRE6AtvV6gqtPPrAvGg7bXsqgfasOtNqMrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7db6c6694-AMS

GET
H2 200 melisa.webp
aitsouty.top/img/dating/ 32 KB
32 KB 65ms
64ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/melisa.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d31231e53199c4e75d6f82e839cdb38984b266121574c55ce85c1612f78b4278

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 32782
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-800e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm9nLOu%2BEalhkVtCQM9PVM%2FdJ2j88DLH0Kgca0QYd2oG8HcVXxFZoJrrmjKBc%2FiPnhhERhAKBdOJ6qKDRsFon3dQuX2dvxnmmCSqB%2BXhQIjWd2TIl0wA7ovbanwlDO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7db6d6694-AMS

GET
H2 200 tiffany.webp
aitsouty.top/img/dating/ 17 KB
17 KB 60ms
59ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/tiffany.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cfacc85bcfc651f7052c2cc7b378ae530f27b39e88ca4e58b67816f497bad30

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 17412
last-modified: Wed, 20 Dec 2023 12:41:31 GMT
server: cloudflare
etag: "6582e0fb-4404"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86YPNwJRyr7kVasFTxVnAPTSgyVbJdzRh6eWWbQF%2FNFhrP6PP6rQxOjH%2FoQBUrsxHGGsx3b2igu1j8oFUEvv98AyCK7kP96ZfeYUI3xyddZkbNFWaotVXpwn9dbfimc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7db6e6694-AMS

GET
H2 200 jasmine.webp
aitsouty.top/img/dating/ 31 KB
31 KB 41ms
40ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/jasmine.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03a5e38911a4cf7978c712bd809511e68327f909d5a5249df9bd75ae54f7897b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 31474
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-7af2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F%2FP8swK%2Bofl2aBq%2BPtuvI5DcDPouzZi5QiwtYhPu0SsD%2FyfsqBn8xbLqgzF%2Ft5yElWmFM2fM03aSefRJd%2BbHzHejTBVi1jELhh5u2KLokZEt2TjexHdg7RIxIerEf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7db706694-AMS

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 302ms
151ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 13:02:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6582e5e2-1158c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71052
expires: Wed, 20 Dec 2023 16:34:20 GMT

GET
H2 200 prefetcher.js Show response
aitsouty.top/scripts/ 11 KB
5 KB 51ms
50ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/scripts/prefetcher.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_prefetcher.c676a135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a444e5e431c2189cbf352c01d0b08dd505fe7fffa99dc0b12b4dbd0791fe564f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: W/"6582e0fa-2a09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahlxkc9YwoZY%2FP38E8PcwZIGUoN88DFkkBRnXkElFz1791RID7riO2kMlelsooVaSNyFhxs0nPuVMbHyJIhrkyukf%2BNFsyZaEBePHZKKU5BEbgAXq%2BZ6a6gmlY0awOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e7eb8d6694-AMS

GET
H2 200 map.webp
aitsouty.top/img/dating/ 19 KB
19 KB 44ms
43ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aitsouty.top/img/dating/map.webp

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/css/survey-dating.77b63812.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5f5af4ce01433609251c3fb4e83c8bad2b9cd1ccd51d3d8249dd29f2d16de

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aitsouty.top/css/survey-dating.77b63812.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5921
alt-svc: h3=":443"; ma=86400
content-length: 19442
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: "6582e0fa-4bf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KHg55PYBZev%2F%2FnXtYUxQm%2BNSy0ibGd8swmIf2zC0g4H5I2iiud%2FZw%2BaELmFTxVI2141u3mk4tYvU2ZN%2F%2BFyJrWfZ4FRXS8%2BVYvtvAa3LulpNMpgPp567ZAhehbPb%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8388f2e7fb986694-AMS

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 90ms
25ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=u7xhnm3udr0iqav3uly2gy0mgmzaa417

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_each-land-config.41c98b0f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

349b536978344bd69ec81aff029828dca5c8b1b75b8f66b89e17fa00f59b3458

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 sd-2061-en.js Show response
aitsouty.top/js/config/sd/ 4 KB
2 KB 39ms
39ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/config/sd/sd-2061-en.js?v=10

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_each-land-config.41c98b0f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab42e593af9b4e46f87ea4a4a0a12d8cf238ce896f372d50ff17216af4e366fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://aitsouty.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5533
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-1068"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lg6C5t2VAJpbsYOA4%2FSOT9nYMyL9SQiJsTJci1lzI12ZaDAi6kk%2F1fYRMzy2tyxHR8i6oN%2BPBZRTpoZPZuKnoCroKoq8F2s5OHUcSfW63Yhq%2BdkhzmhA9NUq%2BjYNTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e87ac20bb3-AMS

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 cookie-consent-1.json Show response
aitsouty.top/js/config/dict/ 7 KB
3 KB 40ms
40ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/config/dict/cookie-consent-1.json?v=10

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_each-land-config.41c98b0f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"6582e0fa-1a65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfYGok32jJI8HQFoGlA5E2SV6NGnBlQyyIF%2BZXSY3NGzZO08YYxaj2ajiZpUbUkbyuqhzHy9wN9aOwjJnGTRTRo5GAzLR1difa1E4rkzBxWWhATK7FSsHXK02c1%2BEWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8388f2e89aee0bb3-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 micro.tag.min.js Show response
aitsouty.top/pfe/current/ 26 KB
10 KB 39ms
38ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/pfe/current/micro.tag.min.js?z=5953353&sw=/sw/sw5953353.js&var=null&var_3=null&var_4=null&ymid=null&cdn=1&domain=laugoust.com&ab2_ttl=5184000000

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_each-land-config.41c98b0f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f13eabfe1290926119e6421d35719e33ef68384b295eaee367923d75de2dc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"6582e0f9-6949"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wx1fHer21dhhM%2FjhoiN%2BxABMtcfTviJd63X%2BXyFpJHZpb6rdisdR93jm9u3E3kjjcq0xksbZMZUrGhbmnQgfPCkfiAS7XFxi3q1R69V%2BE0M7n2%2Bu51upF4Chgs%2FpPGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8bb1c0bb3-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 stattag.js Show response
aitsouty.top/pfe/current/ 19 KB
8 KB 34ms
33ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/pfe/current/stattag.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

333132f2f62e5bcef5ab8a1950e7a8342023c0cea68b563b1130bea16dd0bc6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-4a50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4XcqEjuCZnPGw9RbVXlKwNNO9hOb6eLpPzJARg3VUZto215uGynouLu2erj98APyUlGBz6E0j%2Ff377MhpGsgNHvcZ6J0zQeSq9Qy7nD3pGWjS4HdDTe3quec69QUfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8bb200bb3-AMS

GET
H3 200 v-index.mjs.04df4b54.js Show response
aitsouty.top/js/ 34 KB
8 KB 47ms
46ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-index.mjs.04df4b54.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f6ba82c002126759b17f7e9021d512326ca9a7dd1363401432d9e7dbd6d501e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-89d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdNeN2GzOHmXC6aSMkeAt%2BSHHGd61S5wATktKptqbJCt3n8bzSK6Enr9NkkCsgvMBsuQBpWfDUqSHOW2JhiX2jktwU%2BIEVOA4k8AjcJHTbHqgYvyEtYZZ0lPbTC3phk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb3b0bb3-AMS

GET
H3 200 v-node.js.6cb412fa.js Show response
aitsouty.top/js/ 6 KB
2 KB 47ms
46ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-node.js.6cb412fa.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42cebcf8bb57a3fc8c09c5717d4a7e9f4f2ee4d4d2bf14f5600b9df28ac6816c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-186b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86zyF2zgmBa5tVh4rtpgR7eW3QkTDct44D9O43sqO3KF0YebclJpXyE4G%2B0c4ooXmxE0%2BOWvL%2FfVbocSq61to2hNZkBJg2W3UlIHqDXVYuoA6IR8IygjTWabiEIrovg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb3d0bb3-AMS

GET
H3 200 v-possibleStandardNamesOptimized.js.ea2ab3f7.js Show response
aitsouty.top/js/ 7 KB
3 KB 47ms
47ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-possibleStandardNamesOptimized.js.ea2ab3f7.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5c7b40d0fabbb1973ea986ec2d951db81149f92ade101a6b63ce7e655413ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:30 GMT
server: cloudflare
etag: W/"6582e0fa-1d99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuWdoJqEGSFJONdPKS5OugYCwgagKBYVb1%2BEyinno%2BMlu4ASt73JrZw0inHYWQf38voq1BqVt%2BhqF9E1Du5T0Cf1jtIbhN5af7yZ69I26BB6H5fFpxPk3VPJLJVr3CM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb3f0bb3-AMS

GET
H3 200 v-utilities.js.9374c474.js Show response
aitsouty.top/js/ 3 KB
2 KB 56ms
55ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-utilities.js.9374c474.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49009fea9bd3177751ed15e421435bc76828120291df4ec9c6451a5ba3f86d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-a11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ojh4%2B2hmlTnUomxbg35zf7cTWPJ5nMCvZWALIYAChH6u5t9YeiufHUeRwutEEsjDrw8RlMmWBv%2B7a4MVicHiVPw%2BKwBmSAkhQRsXZbqWV151oZ%2FGLOZlyBqi3%2BBU4%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb410bb3-AMS

GET
H3 200 v-domparser.js.6a239ba8.js Show response
aitsouty.top/js/ 2 KB
1 KB 56ms
55ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-domparser.js.6a239ba8.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e6aeebc0792b6f0f022bdaebd967f2af4069075483b4c0c992404266df0a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-6b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4VBWK5TVEF7%2FLgHdrYmLCzVqwQm2ttxcG5IPkidSBFnvXx7zC58ebecUITMl8%2BlNp9BZG8IUPHOOBSDrVaF0rQRjPw%2FMxRi5KEsr2VWXYysYxBx6xKs%2F5IdeNQ7t2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb420bb3-AMS

GET
H3 200 v-dom-to-react.js.825e11f8.js Show response
aitsouty.top/js/ 1 KB
1 KB 56ms
55ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-dom-to-react.js.825e11f8.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e29c619309b40bd254b662cc3540963dd5a2dabbe3f239f94ae7977e92f43c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-43d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPY1USATvSFCJEpe80Zu%2FbMhRPVyGM9ByG998Mx%2ByNK6behZoUxXBgu2ykxFbygoypga1xSTVCUfUC8x2XS8NZIZ4yZZZ12gPJ0Mu%2FoCsPGLuQbPLQADUNUN%2FGmsukw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb440bb3-AMS

GET
H3 200 v-attributes-to-props.js.a4072057.js Show response
aitsouty.top/js/ 702 B
931 B 71ms
70ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-attributes-to-props.js.a4072057.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3544d0dee9df7f5a37336f6358c4da2251833fe706a102cc44aefa66032c994

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-2be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZswG5dIwF4H41XoWhPlokG8UDys89qK7ugBopDSMv9hRmwhyrCSrBGA0C5wI2iDLCjiPBJHpTynScqmmB%2FEq96PkeRVdOH%2FIX96Dok1UOboW7Lv5AcIfz%2FcsOVmMPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb460bb3-AMS

GET
H3 200 v-html-to-dom.js.5bb25ae8.js Show response
aitsouty.top/js/ 364 B
729 B 71ms
70ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-html-to-dom.js.5bb25ae8.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cb36828224760fb9205691e1aeb16d3e979e657bef5e1bb85fe8f6d47541f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-16c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3vzJTWVs9C%2FobY3bDwzHOFxxJZPXN9%2Be4tErzfK9oLOipDdAGVJS%2B03cQHcpK4KAnhoPWPVCIPotB4ubEf2%2BqX3KOhejJdSKHeA1bdKLqHFoMYdj9Xh5v6w%2B2kfTys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb470bb3-AMS

GET
H3 200 v-constants.js.b3810a2d.js Show response
aitsouty.top/js/ 600 B
821 B 71ms
71ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/v-constants.js.b3810a2d.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d20e0fc5035186be8329c9f0e2a5301e81b7fbf6bbe3d7e022fa6a21a69b554e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-258"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irmtGkBYl7DwQx4LBZgmjAqqaWUk4dYclQH9yLrj%2F67LVI5qBsNXllBIor2G39eBnH6l4LZSQgZTrKgp36GrV8hZNhtU5cNga2zlMM4vy3TrbHdRy3lvVs9HB%2BeN7zk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb490bb3-AMS

GET
H3 200 SurveyContainer.3ef90480.js Show response
aitsouty.top/js/ 55 KB
15 KB 72ms
71ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/js/SurveyContainer.3ef90480.js

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5249a96dbba94090cf9337f901d75fb06ec64e5217c47dba8d20a84f4bad3f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
cf-polished: origSize=55855
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
server: cloudflare
etag: W/"6582e0f9-da2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6W%2Bxd%2BorQkm1wbsqCEjArA0kAhMRSE%2F%2BVt63OerEROxlTBXYJSdKtCB%2BIFRJBQ0np4SBSO7y4mQ6V%2BPRbRszcpcJtO9mHsCOx8Hop0epWmEPpdqRHC2cI14Aaatx50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e8cb4a0bb3-AMS

POST
H/1.1 200
OK add Show response
datatechonert.com/log/ 12 B
482 B 138ms
27ms XHR
application/json 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
Requested by: Host: aitsouty.top
URL: https://aitsouty.top/pfe/current/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 20 Dec 2023 15:34:20 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://aitsouty.top
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 83ms
25ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_each-land-config.41c98b0f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 18bce65d5d8f3e80b2f7711a5ae34959
pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 101ms
29ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aitsouty.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 20 Dec 2023 15:34:20 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H2 200 rotate Show response
offpichuan.com/ 767 B
1 KB 102ms
43ms Fetch
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offpichuan.com/rotate?zz=5473379;5473392;5473396;5473420;5473381;5473432;5473425;5473415&var=&uid=u7xhnm3udr0iqav3uly2gy0mgmzaa417

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c90c4a829c05927b97695f2f1903824f3153dee60316e8d351578c21f7ab44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: a26cae82e6c11ed2175c9edaeb46e34a
pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 767
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 sw5953353.js
aitsouty.top/sw/ 0
795 B 37ms
36ms Other
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/sw/sw5953353.js?var=null&var_3=null&var_4=null&ymid=null&ab2_ttl=5184000000

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/pfe/current/micro.tag.min.js?z=5953353&sw=/sw/sw5953353.js&var=null&var_3=null&var_4=null&ymid=null&cdn=1&domain=laugoust.com&ab2_ttl=5184000000

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 20 Dec 2023 12:41:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"6582e0f9-529"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fhij8zpJ9sjxfNwPZ4vHDjsYT80ozjB8WrTEgHns1yHP5ju1REjHZyNKxhJK7067s5pAl61HmzQ3THjzl04X3yiJtXM%2FfQ4PTDkg9o%2FyVQuVG2VQRCQ7iOQ%2BtzBTTIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8388f2e94bcc0bb3-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 200 zone
laugoust.com/ 0
255 B 94ms
25ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://laugoust.com/zone?&pub=0&zone_id=5953353&is_mobile=false&domain=aitsouty.top&var=null&ymid=null&var_3=null&var_4=null&dsig=&tg=1&action=prerequest

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/pfe/current/micro.tag.min.js?z=5953353&sw=/sw/sw5953353.js&var=null&var_3=null&var_4=null&ymid=null&cdn=1&domain=laugoust.com&ab2_ttl=5184000000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: 659615e515b8dee8ec9a01e32711c9e9
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://aitsouty.top
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 29ms
28ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5953353&checkDuplicate=true&ymid=null&var=null

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/pfe/current/micro.tag.min.js?z=5953353&sw=/sw/sw5953353.js&var=null&var_3=null&var_4=null&ymid=null&cdn=1&domain=laugoust.com&ab2_ttl=5184000000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

349b536978344bd69ec81aff029828dca5c8b1b75b8f66b89e17fa00f59b3458

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
laugoust.com/ 144 B
435 B 77ms
27ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://laugoust.com/zone?&pub=0&zone_id=5953353&is_mobile=false&domain=aitsouty.top&var=null&ymid=null&var_3=null&var_4=null&dsig=&tg=1&action=settings

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/pfe/current/micro.tag.min.js?z=5953353&sw=/sw/sw5953353.js&var=null&var_3=null&var_4=null&ymid=null&cdn=1&domain=laugoust.com&ab2_ttl=5184000000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3ab83e12e0096d62dfeb0b64e022272ec8560c817a9b02395c65064da53519ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: 061b121be18ac9733bcc755b9f4dc42d
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 144

OPTIONS
H2 200 sync-do
dortmark.net/ 0
0 50ms
28ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aitsouty.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 20 Dec 2023 15:34:20 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

POST
H2 200 sync-do Show response
dortmark.net/ 177 B
657 B 82ms
25ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-do

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

aabfa27fcfd0b8b04efb721f3db9da912c86272468c25256c3b1e0a7a83db2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c2c55563fc00591b0d4034c441042bac
pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 177
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 30ms
30ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d6c46bdadc6ba3b10d8be70543970f65
pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 26ms
25ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aitsouty.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 20 Dec 2023 15:34:20 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10223.c3l8WfHxhzqn2eujTN4ksfSbNTin41-p7CH9t9VZmiO3f0J5CW7CgNdD1JgmUAk_.HQrOq5xIqFbuDyy5TFmQ6Ln1-_c%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10223.LyDQ-fUfZCknDACDuJnsk424RFiMAVm6ncM14bA2Mhw101AWa0HRcpPIK2vnJHmV03Yu86tTOkHI5ApnYwhqqW9o12iJTezx3aFNCkIs-4zdUAJqwsdcoGmkF-khnt0jZSYI4rqjeY...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10223.yQa70hRG6oLSIRvyWBAfhMwbKsNby499ONWTxepcI_gt4QzHNwp_gMfzovrfA90sfvPW_0vWUSULeQLiPgu4atJjJOLRtx_TzWFr0cRB6b1kE...

43 B
580 B

72ms
72ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10223.yQa70hRG6oLSIRvyWBAfhMwbKsNby499ONWTxepcI_gt4QzHNwp_gMfzovrfA90sfvPW_0vWUSULeQLiPgu4atJjJOLRtx_TzWFr0cRB6b1kEB75tZruCKLNpzCVm_ucP7GnRc4-aTm0IROBdT6dQJb-Ila3bWRIWHww1ieY1VMhXel8Ubbqozd3KjgcFk2dFA3H8OEeQJHtivpFFOOttA%2C%2C.W-2dalvpJvqecQasZ8zuqvtqdyU%2C

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061&utm_content=zd_public_v2

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10223.yQa70hRG6oLSIRvyWBAfhMwbKsNby499ONWTxepcI_gt4QzHNwp_gMfzovrfA90sfvPW_0vWUSULeQLiPgu4atJjJOLRtx_TzWFr0cRB6b1kEB75tZruCKLNpzCVm_ucP7GnRc4-aTm0IROBdT6dQJb-Ila3bWRIWHww1ieY1VMhXel8Ubbqozd3KjgcFk2dFA3H8OEeQJHtivpFFOOttA%2C%2C.W-2dalvpJvqecQasZ8zuqvtqdyU%2C
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
473 B 118ms
118ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/dating-survey.html?offer_id=2061&utm_content=zd_public_v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 13:02:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6582e5e2-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 20 Dec 2023 16:34:20 GMT

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 33ms
33ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_each-land-config.41c98b0f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 1071434f4a4c5cd2e325006702bd4336
pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 26ms
25ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aitsouty.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 20 Dec 2023 15:34:20 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H2

200

1 Show response
mc.yandex.com/watch/66423859/
Redirect Chain

https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&br...
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&...

420 B
511 B

75ms
74ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A237%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A816152493%3Arqn%3A1%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C57%2C43%2C1%2C%2C0%2C%2C56%2C1%2C%2C%2C%2C269%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29mc%28g-8%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1674c973c07e4f001c263e18171fd047076871a5efdbe94812ff2e1dddfadcfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 20-Dec-2023 15:34:20 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:20 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A237%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A816152493%3Arqn%3A1%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C57%2C43%2C1%2C%2C0%2C%2C56%2C1%2C%2C%2C%2C269%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29mc%28g-8%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:20 GMT

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 29ms
28ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 9dd93c44065d23ef4390a07344135a51
pragma: no-cache
date: Wed, 20 Dec 2023 15:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 25ms
25ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aitsouty.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 20 Dec 2023 15:34:20 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 82ms
81ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonSurveyStart&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A858126246%3Arqn%3A2%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C863%2C863%2C0%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%222061%22%2C%22userSurveyId%22%3A%222061%22%2C%22vertical%22%3A%22dating%22%2C%22zone%22%3A%22%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 76ms
75ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonLanguageSelect&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A1051054044%3Arqn%3A3%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22languageCode%22%3A%22en%22%2C%22languageSource%22%3A%22browser%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 75ms
74ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonAdexCall&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A623489151%3Arqn%3A4%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
158 B 74ms
73ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonAdexLoad&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A656809217%3Arqn%3A5%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 89ms
88ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonGidratorAddUrlParam&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A757770079%3Arqn%3A6%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22isGidratorUnique%22%3Afalse%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 80ms
79ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonStepChange&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A859253789%3Arqn%3A7%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 74ms
74ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonNotificationEvent&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A173081097%3Arqn%3A8%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationEvent%22%3A%22onPermissionDefault%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 74ms
74ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A686434416%3Arqn%3A9%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 81ms
81ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonGetIppRotate&page-ref=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163420%3Aet%3A1703086461%3Ac%3A1%3Arn%3A461258433%3Arqn%3A10%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086461%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A0%2C%22mainExitDirection%22%3A%22onclick%22%2C%22teenageExitDirection%22%3A%22onclick%22%2C%22mainExitPopunderDirection%22%3A%22onclick%22%2C%22teenageExitPopunderDirection%22%3A%22onclick%22%2C%22notUniqueExitDirection%22%3A%22onclick%22%2C%22autoexitStep%22%3A%22onclick%22%2C%22autoexitPopunderStep%22%3A%22onclick%22%2C%22inapp%22%3A%22onclick%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:21 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:21 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
146 B 80ms
80ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=https%3A%2F%2Faitsouty.top%2Fdating-survey.html%3Foffer_id%3D2061%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=nb%3A1%3Acl%3A474%3Aar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163435%3Aet%3A1703086476%3Ac%3A1%3Arn%3A827174343%3Arqn%3A11%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086476&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(11)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct.e%22%3A%22ns%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:35 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:35 GMT

POST
H2 200 img.gif
my.rtmark.net/ 43 B
505 B 27ms
27ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=bad62ccd10dfd3975a220f1dc703b0db2bef248b3619abc54d9cd11706692958

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 28ms
27ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 07c34de54c19625bd4e3515e86b8e0ee
pragma: no-cache
date: Wed, 20 Dec 2023 15:34:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 / Show response
aitsouty.top/cndi4858vmefovl/5473348/ 30 KB
12 KB 64ms
63ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/cndi4858vmefovl/5473348/?var=&ymid=&rhd=1&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&usid=18c87dd0d3350dc145bb2e7

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/js/_core-survey.2c33caf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e1335d6dba2e41254349b2d3bde8b6778091cf829f469a4132411db592e61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8388f3a5b8a56694-AMS
content-encoding: gzip
content-type: text/html; charset=utf8
date: Wed, 20 Dec 2023 15:34:50 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flYQXuebgX22ncqqjb1p3arNpLDGj706hzpbq84tEdOBfHISNPsTTLoKSEVfxuyycW8Sul%2Ba1lMx1yd0mTlK864JFzWscDJYBCqh8nLYTMWHf8PnDVmGHyMaqUtFxJQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-trace-id: 8c560f6376a2f4a8672920f83cac4268

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
146 B 81ms
81ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Faitsouty.top%2FonAutoExit&page-ref=https%3A%2F%2Faitsouty.top%2Frevers.html%3Fz%3D6724522%26oaid%3Du7xhnm3udr0iqav3uly2gy0mgmzaa417%26rhd%3D1%26domain_onclick%3Dhttps%3A%2F%2Faitsouty.top&charset=utf-8&uah=chm%0A%3F0&hittoken=1703086460_e0c54671ec8ebe125efaea8e3ffedd96ea6eb14e409f25bebda48fe39bd355e4&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A960335423864%3Ahid%3A40686421%3Az%3A60%3Ai%3A20231220163450%3Aet%3A1703086490%3Ac%3A1%3Arn%3A549509915%3Arqn%3A12%3Au%3A1703086461380815207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1703086459967%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703086490%3At%3ALove%20Test%20%3C3&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(12)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22autoExitPopunder%22%3A0%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:50 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20-Dec-2023 15:34:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 20-Dec-2023 15:34:50 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 26ms
26ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aitsouty.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://aitsouty.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 20 Dec 2023 15:34:50 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

POST
H3 200 sftouch
aitsouty.top/ 2 B
795 B 36ms
35ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aitsouty.top/sftouch?userId=u7xhnm3udr0iqav3uly2gy0mgmzaa417&z=5473348&p_rid=1aeff691-b80d-4e1a-baa0-cefce9784c5b&p_src=sf

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/cndi4858vmefovl/5473348/?var=&ymid=&rhd=1&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&usid=18c87dd0d3350dc145bb2e7

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aitsouty.top/cndi4858vmefovl/5473348/?var=&ymid=&rhd=1&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&usid=18c87dd0d3350dc145bb2e7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
x-trace-id: 8e067cae0b63219bf7961eeead35b991
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://aitsouty.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVsQbZSDp9I5Hx2Q%2BJDxvoMD2savQe%2BQuGe4EpX58TKgOq0YHBX0b5nMIKbdPGFV9V6pwU8r9%2FnzliWMfVnLboP5IZkiviZpAig9YYKpDltk9XjvbbnOd%2F1GZEroELg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8388f3a638db06c6-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 img.gif
my.rtmark.net/ 43 B
505 B 25ms
25ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=u7xhnm3udr0iqav3uly2gy0mgmzaa417&z=5473348&p_rid=1aeff691-b80d-4e1a-baa0-cefce9784c5b&p_src=sf

Requested by

Host: aitsouty.top
URL: https://aitsouty.top/cndi4858vmefovl/5473348/?var=&ymid=&rhd=1&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&usid=18c87dd0d3350dc145bb2e7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aitsouty.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://aitsouty.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
465 B 107ms
25ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: aitsouty.top
URL: https://aitsouty.top/cndi4858vmefovl/5473348/?var=&ymid=&rhd=1&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&usid=18c87dd0d3350dc145bb2e7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://aitsouty.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 20 Dec 2023 15:34:50 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://aitsouty.top
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
totalbeststories.com/
Redirect Chain

https://aitsouty.top/rhd?z=5473348&syncedCookie=false&rhd=true
https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab6...

33 KB
12 KB

273ms
70ms

Document
text/html

172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: cabeefeaf81d7abebf87692a02ce53757829f77ec9fe3093b2db6639611c1590

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://aitsouty.top
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8388f3a829db0b87-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 15:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAuh6VLkjBqiW1H8hwmRdfsHI5BxEQDOmyc4u4GwP1FqXrh6ZZhdHKteIojhM0bnjTqjF8dJiEOJKYXQEKo6Km%2FzpIi5GJc5JQ9fGG9nF2VZe6RHfMLUdBVCx5cb5%2Byryu9zzfwQgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://aitsouty.top
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8388f3a6892e06c6-AMS
content-length: 0
date: Wed, 20 Dec 2023 15:34:50 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://totalbeststories.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Jd0ps93XKwWeVXZwzy1b0KNklGyQdJcSJMvMzDnGh4pFMtlU41a6LGwC8d5eZgG1jPvElYfTC8VSYg9h9ojykCiaqPJhS6D9jI5g9QSFu6yBBV4oAr8HOROVTDCyfw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff
x-trace-id: 3937d88e9c566c5f304fabcad4014685

GET
H2 200 style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 7 KB
2 KB 106ms
35ms Stylesheet
text/css 2606:4700:10::6816:1974

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 14:43:29 GMT
server: cloudflare
age: 6458
etag: W/"6581ac11-1bb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 8388f3a91abcb8b5-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 25ms
25ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=u7xhnm3udr0iqav3uly2gy0mgmzaa417

Requested by

Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

349b536978344bd69ec81aff029828dca5c8b1b75b8f66b89e17fa00f59b3458

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totalbeststories.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
totalbeststories.com/pfe/current/ 26 KB
11 KB 39ms
37ms Script
application/javascript 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 20:42:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655fb939-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRg2sGib3gnBbfKBfTQpWb2Rhiwjiv7zwiZ4Rusrb1s%2FCofbYFkheLeYwRik2qPe6%2FBtwehaYO%2BlLBCOofHC91Yzr5rQ2e%2BxppMUizMs9DLwPy%2FaABktC0fkUtJMSby%2BcqH%2FDUIV%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 8388f3a8ba910b87-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
totalbeststories.com/19/5202628/ 3 KB
3 KB 43ms
42ms XHR
application/json 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL

https://totalbeststories.com/19/5202628/?abt_opts=1&var=5473348&var3=761362526582875104&ymid=&rhd=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.137.7 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fe0c474659de45b20dd5a735d01f837a99e27bef09f8fdd800907881ce1aa3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: fe65877d2da60a6eff3462254f6fe4c3
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BPDxKIi%2Fy1SDSeX9f%2FYo%2BXP1%2BrueEjNz1N1PemOW%2B16n4GeLlbrKLQxepBoycwRBhkA5bIFgc1OIybH%2BDNiwlnMeLwygB7%2BJCFhX5tWQU2nCXqpoPsBEIafKzlIGHTlfxtBXAdArA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8388f3a8ba8f0b87-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 5202932
totalbeststories.com/sw-check-permissions/ 0
963 B 44ms
43ms Other
application/javascript 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/sw-check-permissions/5202932?var=5473348&ymid=761362526582875104&uhd=1
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUwrjRWgPQxqBI5hkzfTWAmvxx%2BS%2BRSqsntt6tv%2Bqd10assgQq33LmXZDoJgGNj70dLtdyDx6uQtfilfCRPJKYFihNdmvBPYh%2FqJdAt9yV%2B4krkhcbECNRIHqtJb1RImfXmeBzZFsw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 8388f3a90af10b87-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 zone
totalbeststories.com/ 0
351 B 34ms
34ms Ping
text/plain 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL

https://totalbeststories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=totalbeststories.com&var=5473348&ymid=761362526582875104&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totalbeststories.com
URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.137.7 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: 46cab1f1dd8f4482f29f466b9e2ee97d
date: Wed, 20 Dec 2023 15:34:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9Cm3znrNNTg%2B%2BNpYK3K0LWh1z6hOUI7VEoSUzPbux%2Bgf%2BWZtDjLcFDYCL1BH2n%2BSea2d6FRjib5W6AMpv1t3BRPcdmJqyaub3GtrZqueSQo6Ul4JCcU1MfkUayiSui1SLlq2BJXYA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totalbeststories.com
access-control-allow-credentials: true
cf-ray: 8388f3a90af30b87-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd
totalbeststories.com/ 3 KB
3 KB 48ms
48ms Fetch
application/json 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL

https://totalbeststories.com/rhd?rb=rK_Svalla7UsLYotV9cmbufix_eoLpBMf9EBlx1LwHQtUKDrLU-HH4zBDhOztbNB_gHvcBzBCV9Uiwn72vpalU0EVeVYP80MZJGxJZ6sEK-3mJxiHRfZXePzQuhnxx_OZPjefbKZX4sywpeD47pfUkD3rwpUc-rYt_oslppRbyrDpNNEFvahHeZDHUWgcszA0Zm95AXUD5odNZOTtogvpfsaGMY15rICBVNPU_GfPGu3lSWVzdqT0m1mB26ZF2o45tnfhrAPhqBYEJ-h0ouAXU_JQnprpcOuinLpNLLE6KTm-0m-PNccUwx1b9ZdbXYKulsAoWX9OQlTgpCKd11AyBx-LNtpS69h4gRo3AMU4i7Yj89CDYa-haVHGqQ_tT_LLqcRi_c89i_C5Ux6Ghn5f1rV1l4ZjJG-yi3aZZGr5hq22rp7JzVkEY-h0nh7vjNkxE6dW3prCB4NJVyl1iokwfUjC2JVh8JvHQK4WpEeoQDiZthF7C6y8iuiqFussmzDDZ7mjnZyfbgU6gqASmJqx53QM0XxNyEVNNyUt0L_Cn-mNf7osNVZpEsT4MIqU88EsnHml4_bUi0nPzmnYZb4L3DRrAQ7q06jVxD_Jx0iWt1UrgFO7vVVL387kD7Pb1QD7IlY-EEL_s2diP0Ot1kW6Q1--kI%3D&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotalbeststories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DNL%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3Du7xhnm3udr0iqav3uly2gy0mgmzaa417%26pshr%3D0%26rd%3D0%26s%3D761362526582875104%26ssk%3D1224ab60bf40461c0a87ba67264ec2e0%26svar%3D1703086490%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5473348&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5473348&var3=761362526582875104&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.137.7 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 463a5b243f88e54006ac274b5f9cffb2
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BkrEOtV%2B84rmvaFiQTuxGu2EZvtzgnHCJ0WIuItUuH9m45l9XLy7e7ft1Ur%2Fu%2BF3KDBNIToFh9WWWMgWRlInD9KYaWQ0S9xZEJyw1Hkqeetf9cWUFXAWxODFU4sbpCLY93mlUozMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8388f3a929df0b75-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 gid.js
my.rtmark.net/ 65 B
547 B 29ms
28ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=761362526582875104&var=5473348

Requested by

Host: totalbeststories.com
URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totalbeststories.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
totalbeststories.com/ 797 B
1 KB 36ms
35ms Fetch
application/json 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL

https://totalbeststories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=totalbeststories.com&var=5473348&ymid=761362526582875104&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings

Requested by

Host: totalbeststories.com
URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.137.7 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: c2392cc591537accb806909acd82e5a0
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9QbpXeyDu%2BfKdD1zbqY19HUHhR7ngSTz9KIs9WDGtgQ%2FaLdG46ygCcQxuZHDrLVecqx1vHE7QZhi7WSu%2Fbie1%2Fvl2%2FYe%2BmF3uDYUbBri1yXPOdbi35KrZ9QQV0o64VwaZLXz9eiIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8388f3a939f10b75-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H3 200 /
totalbeststories.com/ 2 B
537 B 49ms
48ms XHR
application/json 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&mprtr=1
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82kPZtq9kfzOAF7oeH3Mz4plr3DsGPLYpNEzFX9ki9P7qfLKmkCmk3b%2BbevBtj4NNhYimgLKGKAr5MGbBDfvbDYIEqY1S1qy%2BFw6UDzNBJqNoHfuRqONQDfg8xb7FCRUh%2FPoZDMqRA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8388f3a96a350b75-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
totalbeststories.com/ 33 KB
12 KB 74ms
73ms Document
text/html 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5d731981f299e842f35cb93392b18fa1a0f45eb0faacf10b49a1c93f2b031df6

Request headers

Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8388f3a97a560b75-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 15:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWn8UX7IHuDIgajtF2QCv%2BhZSqcUR2VMoP3YepWFU3qdYDYN8KyezDC5osMV1OOeP0TbSvNj6jNQzF%2Bktm51rz6WvbcUGMYSkfXnwcQMR2wnL7fmpN9R0imfQM0bf0wH0ARSrj9CJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 7 KB
1 KB 34ms
33ms Stylesheet
text/css 2606:4700:10::6816:1974

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 14:43:29 GMT
server: cloudflare
age: 6458
etag: W/"6581ac11-1bb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 8388f3a9fbc4b8b5-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 micro.tag.min.js Show response
totalbeststories.com/pfe/current/ 26 KB
11 KB 38ms
36ms Script
application/javascript 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 23 Nov 2023 20:42:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655fb939-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l88fffNm%2B%2BGkzlsvCHmpK08Uw9n%2Bv1JIchgAtHiO3fDPEJxP131xGI4r3CD%2B985soDH2tr4mpMgqThshUrurTv8HtLw7mTGaLRttYavqMJdb0tXEE4NucjUGuodKbxERmY0%2FKHgFWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 8388f3aa0b1e0b75-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
totalbeststories.com/19/5202628/ 3 KB
3 KB 38ms
37ms XHR
application/json 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL

https://totalbeststories.com/19/5202628/?abt_opts=1&var=5473348&var3=761362526582875104&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.137.7 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

468e5f8037719c7a18db577206cd1af8d809a867ea88afebe092c09e19588512

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: c2737f9d4f6456d15bdd85632a2c5c4a
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB%2BmapNIzL7Lg1trJOkmzmPfBOpqLzp2IpHmPOQn6Ao1fgNjS8GwCrD%2Fq9xBQOHccn2Ov6sdv5J0HwS91no6jHVP6CRYU22feq%2BX578dl4qtd8rFU3eVACFimcxv1cj6Yl9EzG45CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8388f3aa0b230b75-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
totalbeststories.com/ 2 B
534 B 46ms
46ms XHR
application/json 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2&mprtr=1
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWgTzcqAfNw17Rw81%2BJlIIfTwZY5F8ZYYPEi93sBhwAuBD9%2B2%2Bn4W6Qjp7e1FIoYqqB3i9K25GldU8m5bSlAEe7OCGBKV3dz2xmEBuKB2oPTwNBtKeLUa572lFGGlCI8snsULJ5YCw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8388f3aa3b530b75-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 5202932
totalbeststories.com/sw-check-permissions/ 0
968 B 40ms
39ms Other
application/javascript 172.64.137.7

General

Check archive.org

Show headers Download Go to

Full URL: https://totalbeststories.com/sw-check-permissions/5202932?var=5473348&ymid=761362526582875104&uhd=1
Requested by: Host: totalbeststories.com
URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.137.7 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=NL&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=u7xhnm3udr0iqav3uly2gy0mgmzaa417&pshr=0&rd=0&s=761362526582875104&ssk=1224ab60bf40461c0a87ba67264ec2e0&svar=1703086490&tb=5202628&tbad=5234825&vi=0&vo=0&z=5473348&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUi6bNjsFgVwQnDztxt9Mt1FkB%2BcPTB7%2BOCuSXRMO0DiQNxeXC0CY9P%2Bkd%2F8sbpZzwTij0TmCrGr%2Be1AW9rIsOdNOQ%2Fdg8KYdyR7ccZdGFOpxnJ%2FdStfGq0RbhQ%2FSh31GTC2E76RsA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 8388f3aa5b780b75-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST zone
totalbeststories.com/ 0
0

GET rhd
totalbeststories.com/ 0
0

GET
H2 200 gid.js
my.rtmark.net/ 65 B
547 B 27ms
26ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=761362526582875104&var=5473348

Requested by

Host: totalbeststories.com
URL: https://totalbeststories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=761362526582875104&var=5473348&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://totalbeststories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:34:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totalbeststories.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET zone
totalbeststories.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: totalbeststories.com
URL: https://totalbeststories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=totalbeststories.com&var=5473348&ymid=761362526582875104&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Domain: totalbeststories.com
URL: https://totalbeststories.com/rhd?rb=4foD4Fz4TBIMuSZ229dZ7RUCsOm2KJE2P6Gp1YeB6WtPq340HUbqkDuQwAfcXTa5RaDPBpp7CkPcdm8Cr2wu4bGusnPEX4QSHattrx54asdqAcoOxZlV78UECHako1-IhaIMbXqddyKRjEuX6P9yjvlZVuz_NoGi9WU-cNU7sU8iycGYBncVJh0fVAgqoCrN1HdOAU7ZQ0jQM-Zb88eY5SsYiwPXt_ZBRcSVXkrxLohJmcLgIFZ5pWYUH9tseyhVj2tdCLFgqtYfmbQ3PDOsdV_UR8iY-3pFDIkfUqfaZBW2kySFG07TCXX2w3Yz6jYDcX9VjHyiMoKoAs5Ym5EdUk6fgiWnk82Sg_XY44DoW7yR3GYck_KkDq3UEaqWPsvO9D8gZMmqJlp8NgJxOsfUOiQ55kxUQohiMYoUaWucDG7MQugvgkeo0Tc_ErPOqHUk5cwH6HzZyqMVzeUD1GkYz320HwhdgSefKtQCCu3CVo1ZbL2NDTHkUi6rLr-Tk86x3WS_OiRLlnrGr2BGDnyo3T4LzBxEQna0wQ245d3X3lI0JVgvSjI_magbd2kqWC2_XMtVkmNUReUNiK73HWvvHW0scPn0INAhzlz5pEQ-Pu_6c33HHHzpJeUmaKliAVBqsz0BzN9I2RlPZDmqpmWgQFwQYgItcafJpAAO1A%3D%3D&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotalbeststories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DNL%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3Du7xhnm3udr0iqav3uly2gy0mgmzaa417%26pshr%3D0%26rd%3D0%26s%3D761362526582875104%26ssk%3D1224ab60bf40461c0a87ba67264ec2e0%26svar%3D1703086490%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5473348%26rdc%3D2&drf=https%3A%2F%2Ftotalbeststories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DNL%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3Du7xhnm3udr0iqav3uly2gy0mgmzaa417%26pshr%3D0%26rd%3D0%26s%3D761362526582875104%26ssk%3D1224ab60bf40461c0a87ba67264ec2e0%26svar%3D1703086490%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5473348&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5473348&var3=761362526582875104&ymid=&rhd=1&m=link

Domain: totalbeststories.com
URL: https://totalbeststories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=totalbeststories.com&var=5473348&ymid=761362526582875104&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 01:50:22	Name: ID Value: u7xhnm3udr0iqav3uly2gy0mgmzaa417
.aitsouty.top/	1970-01-20 18:31:10	Name: OAID Value: u7xhnm3udr0iqav3uly2gy0mgmzaa417
.aitsouty.top/	1970-01-20 17:14:51	Name: syncedCookie Value: true
.aitsouty.top/	1970-01-20 18:31:10	Name: oaidts Value: 1703086460
.aitsouty.top/	1970-01-20 18:31:10	Name: ID Value: u7xhnm3udr0iqav3uly2gy0mgmzaa417
.aitsouty.top/	1970-01-21 01:50:22	Name: _ym_uid Value: 1703086461380815207
.aitsouty.top/	1970-01-21 01:50:22	Name: _ym_d Value: 1703086461
.mc.yandex.com/	1970-01-20 17:04:47	Name: sync_cookie_csrf Value: 589147053fake
.yandex.com/	1970-01-21 02:40:46	Name: i Value: OoFx3/MIfzyGP4dbbqsCi3EuRbsfm9w5THxJ7eYkkmFVQ4vyUo12uelfrMJ2yuIAp/Uanr9fFh/yy1ZtDApFpstzgRY=
.yandex.com/	1970-01-21 01:50:22	Name: yandexuid Value: 2261767451703086460
.aitsouty.top/	1970-01-20 17:05:58	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:04:47	Name: sync_cookie_csrf Value: 1181899819fake
.mc.yandex.com/	1970-01-20 17:06:12	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 02:40:46	Name: yandexuid Value: 2261767451703086460
.yandex.ru/	1970-01-21 02:40:46	Name: yuidss Value: 2261767451703086460
.yandex.ru/	1970-01-21 02:40:46	Name: i Value: OoFx3/MIfzyGP4dbbqsCi3EuRbsfm9w5THxJ7eYkkmFVQ4vyUo12uelfrMJ2yuIAp/Uanr9fFh/yy1ZtDApFpstzgRY=
.yandex.ru/	1970-01-21 02:40:46	Name: yp Value: 1703172860.yu.2230832331703086460
.yandex.ru/	1970-01-21 01:50:22	Name: ymex Value: 1705678460.oyu.2230832331703086460
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 679853031703086460
.yandex.com/	1970-01-21 01:50:22	Name: yuidss Value: 2261767451703086460
.yandex.com/	1970-01-21 01:50:22	Name: ymex Value: 1734622460.yrts.1703086460
.yandex.com/	1970-01-21 01:50:22	Name: bh Value: KgI/MA==
.aitsouty.top/	1970-01-20 17:04:48	Name: _ym_visorc Value: b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aitsouty.top
datatechone.com
datatechonert.com
dortmark.net
laugoust.com
littlecdn.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
offpichuan.com
totalbeststories.com
totalbeststories.com
139.45.195.253
139.45.195.8
139.45.197.237
139.45.197.248
139.45.197.250
172.64.137.7
188.114.97.3
2606:4700:10::6816:1974
2a02:6b8::1:119
03a5e38911a4cf7978c712bd809511e68327f909d5a5249df9bd75ae54f7897b
1674c973c07e4f001c263e18171fd047076871a5efdbe94812ff2e1dddfadcfc
1805153589e310caaa895675a41913e8b2a7d871312cace64c8a5a0fb29c18bc
18d7b29a36802e9af78ba61e7d1f4c8677cb223dbedd876675d2acf8cd996e40
19e6aeebc0792b6f0f022bdaebd967f2af4069075483b4c0c992404266df0a4d
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
280dc7edff92d7a2d69167e2d12212c7161277a8fe06cd8c4c18e148e7a2bb96
2888ed1b353d3d0b539aa294c4f8e6e591c291923193780608b10e324c5696f5
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
2c90c4a829c05927b97695f2f1903824f3153dee60316e8d351578c21f7ab44d
333132f2f62e5bcef5ab8a1950e7a8342023c0cea68b563b1130bea16dd0bc6a
349b536978344bd69ec81aff029828dca5c8b1b75b8f66b89e17fa00f59b3458
3984488b76f1aabe956510bb957aa2430991ea6a5f04b2b6b6fbb1933de32810
3ab83e12e0096d62dfeb0b64e022272ec8560c817a9b02395c65064da53519ba
3cfacc85bcfc651f7052c2cc7b378ae530f27b39e88ca4e58b67816f497bad30
42cebcf8bb57a3fc8c09c5717d4a7e9f4f2ee4d4d2bf14f5600b9df28ac6816c
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468e5f8037719c7a18db577206cd1af8d809a867ea88afebe092c09e19588512
49009fea9bd3177751ed15e421435bc76828120291df4ec9c6451a5ba3f86d17
4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
4e4d3c81874840a43119f58352787b0091a22499ad67694a1c4f531f0b47203e
5249a96dbba94090cf9337f901d75fb06ec64e5217c47dba8d20a84f4bad3f38
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5800f01a47e4c9266b23e3c9bc9d1cba7ca6a7860405d70bbe67c47bcea2cec0
5b5c7b40d0fabbb1973ea986ec2d951db81149f92ade101a6b63ce7e655413ea
5b916ae417684f745d75c6ea3fdb3ed33c0c9947bdea5dd7a0684b22f295e277
5d731981f299e842f35cb93392b18fa1a0f45eb0faacf10b49a1c93f2b031df6
6cb36828224760fb9205691e1aeb16d3e979e657bef5e1bb85fe8f6d47541f6f
6ccdf0f1823302bdb00e1051e36a19b3acf6552eb68682ce68f41d60c05eab60
7ab7205c68dd0cc636ba0be7046e43f266c131cd8725cc9857b7bb801f3113c3
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7f6ba82c002126759b17f7e9021d512326ca9a7dd1363401432d9e7dbd6d501e
825d675f691af874b7c6c902c810151b2389cf3756f81213c10e6e9c617051fd
8887765d153d7c53e7a10bc4588e94a98e453672264c0b0b31fccec090e4380c
8f13eabfe1290926119e6421d35719e33ef68384b295eaee367923d75de2dc17
974bdaee19cda4823c4d108deecb61f18b6183225e5b3f9b5163247d1ee25bb6
9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
a444e5e431c2189cbf352c01d0b08dd505fe7fffa99dc0b12b4dbd0791fe564f
aabfa27fcfd0b8b04efb721f3db9da912c86272468c25256c3b1e0a7a83db2a6
ab42e593af9b4e46f87ea4a4a0a12d8cf238ce896f372d50ff17216af4e366fd
b2e5f5af4ce01433609251c3fb4e83c8bad2b9cd1ccd51d3d8249dd29f2d16de
b6fc298a9e5ceb3e5533137e2439179adc97db2278cdf2c07baac25e711bab27
c0b97b722ee3c27befbc77104bdc8874e02f611a07ba285c1d21d60df8f4a116
c7e1335d6dba2e41254349b2d3bde8b6778091cf829f469a4132411db592e61f
cabeefeaf81d7abebf87692a02ce53757829f77ec9fe3093b2db6639611c1590
d20e0fc5035186be8329c9f0e2a5301e81b7fbf6bbe3d7e022fa6a21a69b554e
d31231e53199c4e75d6f82e839cdb38984b266121574c55ce85c1612f78b4278
d47c3085088b0964867de396473c6552befe6f13ad3946718f76f7ff8a781b6d
d9d561a628dfa01b112d7ab632da73d2270de5fae7549cc196ed0112fbbb9ebb
e29c619309b40bd254b662cc3540963dd5a2dabbe3f239f94ae7977e92f43c96
e3544d0dee9df7f5a37336f6358c4da2251833fe706a102cc44aefa66032c994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1a9d47b3f153990f65d7c83331b1a49c0a0b2bf0c17c1444bb6416e73669624
f99524def2124017f16297189c6e9368a5c88258aa694001948366c75dfc0c60
fe0c474659de45b20dd5a735d01f837a99e27bef09f8fdd800907881ce1aa3aa

totalbeststories.com Open in urlscan Pro 172.64.137.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

95 %HTTPS

22 %IPv6

11 Domains

11 Subdomains

10 IPs

3 Countries

526 kBTransfer

1189 kBSize

23 Cookies

1 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

totalbeststories.com Open in urlscan Pro
172.64.137.7 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

95 %
HTTPS

22 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

526 kB
Transfer

1189 kB
Size

23
Cookies

99 HTTP transactions
1 data transactions