urlscan.io logo urlscan.io
SecurityTrails logo

en.ntunhs.net Open in urlscan Pro
104.21.8.118  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://en.ntunhs.net/
Effective URL: https://en.ntunhs.net/IPInfo/EN/index.html
Submission: On October 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 49 HTTP transactions. The main IP is 104.21.8.118, located in United States and belongs to CLOUDFLARENET, US. The main domain is en.ntunhs.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2021. Valid for: a year.
This is the only time en.ntunhs.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18 104.21.8.118 13335 (CLOUDFLAR...)
4 35.201.103.0 15169 (GOOGLE)
2 7 173.192.101.24 36351 (SOFTLAYER)
7 54.241.51.109 16509 (AMAZON-02)
9 94.31.29.128 6461 (ZAYO-6461)
9 18.66.121.84 16509 (AMAZON-02)
49 6
18    104.21.8.118 (United States)

ASN13335 (CLOUDFLARENET, US)
en.ntunhs.net
tracker.ntunhs.net
4    35.201.103.0 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 0.103.201.35.bc.googleusercontent.com
www.greatdexchange.com
7    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
p93920.clksite.com
mybetterdl.com
clksite.com
7    54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
bdv.bidvertiser.com
9    94.31.29.128 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net
p93920.mycdn.co
9    18.66.121.84 (United States)

ASN16509 (AMAZON-02, US)
d2b9l3u54v5v39.cloudfront.net
Domain Requested by
17 en.ntunhs.net 3 redirects en.ntunhs.net
9 d2b9l3u54v5v39.cloudfront.net bdv.bidvertiser.com
9 p93920.mycdn.co p93920.clksite.com
p93920.mycdn.co
clksite.com
en.ntunhs.net
7 bdv.bidvertiser.com en.ntunhs.net
bdv.bidvertiser.com
5 mybetterdl.com en.ntunhs.net
p93920.mycdn.co
4 www.greatdexchange.com en.ntunhs.net
www.greatdexchange.com
1 clksite.com 1 redirects
1 p93920.clksite.com 1 redirects
1 tracker.ntunhs.net en.ntunhs.net
49 9

This site contains links to these domains. Also see Links.

Domain
www.ntunhs.net
anglecam.derekr.com
search.derekr.com
language.derekr.com
www.intango.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-21 -
2022-06-20		 a year crt.sh
greatdexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-18 -
2022-02-18		 a year crt.sh
*.mybetterdl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-26 -
2022-04-26		 a year crt.sh
*.bidvertiser.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-25 -
2021-11-30		 2 years crt.sh
*.mycdn.co
Sectigo RSA Domain Validation Secure Server CA		 2021-10-13 -
2022-10-22		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh

This page contains 10 frames:

Primary Page: https://en.ntunhs.net/IPInfo/EN/index.html
Frame ID: 6B909CF1F402669DA8BDF38DB668A60C
Requests: 28 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.12828758133882334&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
Frame ID: 855D7A85DD06F45F2AA8914E6F70D533
Requests: 1 HTTP requests in this frame

Frame: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5329892478765&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5329892478765&js1loc=-&loctitle=%20IP
Frame ID: 2A8C844ACF1A4AD61AC3ABA2DBA7A8F4
Requests: 4 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.7123920862441193&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
Frame ID: A0B7C13E08BAA99B80FEC0470F51A68A
Requests: 1 HTTP requests in this frame

Frame: https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: B0545E080563947246342F2111D348BF
Requests: 2 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.15244190770843535&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
Frame ID: 543E0B54A7C78D71BB43EF5D5E11610E
Requests: 1 HTTP requests in this frame

Frame: https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 453C7C4E7420FB37FC94F2977D3A85ED
Requests: 2 HTTP requests in this frame

Frame: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=4823298364558&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=4823298364558&js1loc=-&loctitle=%20IP
Frame ID: 514C4BB4A0AD65CB940D889CE5312652
Requests: 4 HTTP requests in this frame

Frame: https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: B5DC01C316B9180DC8E4CEA5BAF0836D
Requests: 2 HTTP requests in this frame

Frame: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5317702522882&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5317702522882&js1loc=-&loctitle=%20IP
Frame ID: 6EA742D016D95356182A1906BECEA9AA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

All IP address information

Page URL History Show full URLs

  1. http://en.ntunhs.net/ HTTP 301
    https://en.ntunhs.net/ HTTP 301
    http://en.ntunhs.net/IPInfo/EN/index.html HTTP 301
    https://en.ntunhs.net/IPInfo/EN/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

49
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

6
IPs

3
Countries

409 kB
Transfer

703 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://en.ntunhs.net/ HTTP 301
    https://en.ntunhs.net/ HTTP 301
    http://en.ntunhs.net/IPInfo/EN/index.html HTTP 301
    https://en.ntunhs.net/IPInfo/EN/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://p93920.clksite.com/adServe/banners?tid=93920_153711_0 HTTP 301
  • https://mybetterdl.com/adServe/banners?tid=93920_153711_0
Request Chain 13
  • https://clksite.com/adServe/banners?tid=93920_153711_2&pause=5 HTTP 301
  • https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
en.ntunhs.net/IPInfo/EN/
Redirect Chain
  • http://en.ntunhs.net/
  • https://en.ntunhs.net/
  • http://en.ntunhs.net/IPInfo/EN/index.html
  • https://en.ntunhs.net/IPInfo/EN/index.html
23 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2eb56db064f8970ff0fa9e08dea4cc2c811bdced753e18829550f1efc67a9bd

Request headers

:method
GET
:authority
en.ntunhs.net
:scheme
https
:path
/IPInfo/EN/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
content-type
text/html; charset=utf-8
x-mod-pagespeed
1.13.35.2-0
vary
Accept-Encoding
cache-control
max-age=0, no-cache, s-maxage=10
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG%2F5rmBzDwYbi2ocXeAzm3MByVxH86nUMQtui%2F5WZokHpZ21lmNRU8R8bvSbPk6IAGoSoc26zEK7uTikUzrWy6Ol%2F1g5Y3HxN7r9cTAO3%2BnpkGKczsS%2BwPbkRAWoGQF%2F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a3cd516ba24a8b5-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 25 Oct 2021 16:30:57 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 25 Oct 2021 17:30:57 GMT
Location
https://en.ntunhs.net/IPInfo/EN/index.html
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Bao6SMjje3aFtEYfh%2BXO3yIehBl1Uew47SfMyQVEfL4DgSErpnQjxM9DMRb8jONah1I3UqqB6D%2FCZkBHBxLM2BWh6RmktmM3pR3Og2k3TRCN7zrACqCtgaz9rJAGTnd"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a3cd5168fa04007-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
A.style.css.pagespeed.cf.-GKIhUPb9k.css
en.ntunhs.net/js/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c41d8b4f88460344083f31cdf52f55c55df9a05fcbab462968a413e27546e8

Request headers

:path
/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
4840
age
11767913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 11 Jun 2021 11:39:03 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqZ3IyQSn25IMVTyIduDRscLH1wngmvjuMw8i4iVNiYWvEzkPkPqcht4uKr2dsjhaAUwziRYpO5HJ7zk7JpTDaI7ISAGOUD90PbXkdZzeKU06r5xDTNktbz35dcsjVE0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6a3cd518fb89ee03-CDG
expires
Sat, 11 Jun 2022 11:39:03 GMT
tracker.js+lang_EN.js.pagespeed.jc.erPILz4ykc.js
en.ntunhs.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://en.ntunhs.net/js/tracker.js+lang_EN.js.pagespeed.jc.erPILz4ykc.js
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de88f686fd14ecca7e6addc021de16209e8cda948a9d3eb9f8d492ac9bd08f75

Request headers

:path
/js/tracker.js+lang_EN.js.pagespeed.jc.erPILz4ykc.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
1881
age
11767913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 11 Jun 2021 11:38:32 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upCAYWnC8AFH02xmkey2QsBbm1N65CEvoAGPECiekC9KvFOJZnJ7LamZs2Iy3GKROZhxW7jZynT7efbrQn%2BxJPHP9rLgt%2BaWKonKaTrDj6OWtDsTJ2IOHJzMWHbhO%2B01"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6a3cd518fb8bee03-CDG
expires
Sat, 11 Jun 2022 11:38:32 GMT
ximg05.jpg.pagespeed.ic.8pXTJFAsMm.webp
en.ntunhs.net/images/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/images/ximg05.jpg.pagespeed.ic.8pXTJFAsMm.webp
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe08d8b9b5cce12bc7d204500e5665add3225795e02b445c0cdaf6fe6be42c21

Request headers

:path
/images/ximg05.jpg.pagespeed.ic.8pXTJFAsMm.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
107856
age
8768417
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50220
last-modified
Fri, 16 Jul 2021 01:55:46 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyaJA600fgrDeERcjwpOMnXWTtf8P1kqsx2MnSB%2FLMvswckmcIv61vOxoSaD2Q3c7AO9VHyreGNsIDgWZTCyicZVjNGiXUuI2qTTJ6TJ%2B7TQTPbMoQJwKAG8pRYRes00"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a3cd5192bc2ee03-CDG
link
<http://en.ntunhs.net/images/img05.jpg>; rel="canonical"
expires
Sat, 16 Jul 2022 01:55:46 GMT
ad3_EN.js+ad3A_EN.js+ad3A_EN.js+ad3A_EN.js+tail1.js.pagespeed.jc.slhuGOK2sa.js
en.ntunhs.net/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://en.ntunhs.net/js/ad3_EN.js+ad3A_EN.js+ad3A_EN.js+ad3A_EN.js+tail1.js.pagespeed.jc.slhuGOK2sa.js
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1487124cc03b9f8bf440b8fa727cafe299a564fabefbf4e923df210352f0da99

Request headers

:path
/js/ad3_EN.js+ad3A_EN.js+ad3A_EN.js+ad3A_EN.js+tail1.js.pagespeed.jc.slhuGOK2sa.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
5078
age
6312473
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 13 Aug 2021 15:02:28 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHdbnFfqFpuM9JH1HQQF5bk9Ubwg0GZu5nCL78LhCRuJEq4RQ%2F7LTaRdCHUtKR9ML5yU%2BykyLzLlBCb5c3BHrJOg%2BDJbqUN8Rl4x0%2F8PJrAbeedJ7AHBqv9u3mSugK8C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6a3cd5192bbfee03-CDG
expires
Sat, 13 Aug 2022 15:02:28 GMT
keep.cgi
tracker.ntunhs.net/cgi-bin/ 		0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.ntunhs.net/cgi-bin/keep.cgi?User=whois&Page=1&JS=Y&SW=1600&SH=1200&SD=24&LO=&FWD=--
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSlvd6aOhcQaqO89LFlYyGe8ipp3kxLqKsL5mqNKFwLKDWouY8brnvRaAm6bArYCY4anHQCsnRYotfo6uJG1qHiJNp35Agp8zrs1KL18Q1uz90AKJBrjniI61fIZ%2BdcyC3mOzRM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, s-maxage=10
x-mod-pagespeed
1.13.35.2-0
cf-ray
6a3cd5194b2ca8b5-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ximg01.gif.pagespeed.ic.HqrQGqTqGZ.webp
en.ntunhs.net/images/ 		88 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/images/ximg01.gif.pagespeed.ic.HqrQGqTqGZ.webp
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c5aaf8fce8f2b07b928eaa46ab4f7b0fa1c50b72b1a2a8c61f496e5bb5502e

Request headers

:path
/images/ximg01.gif.pagespeed.ic.HqrQGqTqGZ.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
174
age
423459
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
88
last-modified
Wed, 20 Oct 2021 12:37:35 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaJf3YcnS3vJOwS69iVvDciQY5Zd1DfeV7lO2BY6zoMlth8jR3v9gtFYeQSxn0uUOwqnnpSQyGXnPFJ1mMnwNHGMztUt5AsBVL8%2BlgLG7EaqMZlj6InFzPN4KVZIdMG2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a3cd5192bc9ee03-CDG
link
<http://en.ntunhs.net/images/img01.gif>; rel="canonical"
expires
Thu, 20 Oct 2022 12:37:35 GMT
ximg02.jpg.pagespeed.ic.VSxpAFbBIE.webp
en.ntunhs.net/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/images/ximg02.jpg.pagespeed.ic.VSxpAFbBIE.webp
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5eb667363388fc2b477594a410afd53abc3c33021b40de140fe52a16e836f9

Request headers

:path
/images/ximg02.jpg.pagespeed.ic.VSxpAFbBIE.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
7122
age
11178530
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1076
last-modified
Fri, 18 Jun 2021 07:17:01 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0gCog89eKFt2SbGD1zqTkAbYDMLTgiqJLDm0lovlOKhEKD4VelQm1Ryh11paGVnLNekm%2FbiZ%2FHWZBOZLgw3VipyVeitegAZ9hYYIAtuCutI7NxnSybXtHWM6OrZ5cEf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a3cd5192bcaee03-CDG
link
<http://en.ntunhs.net/images/img02.jpg>; rel="canonical"
expires
Sat, 18 Jun 2022 07:17:01 GMT
ximg03.gif.pagespeed.ic.rvkdTx5xYk.webp
en.ntunhs.net/images/ 		46 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/images/ximg03.gif.pagespeed.ic.rvkdTx5xYk.webp
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f3cfb3edcca5285b4753ed44519f2cc1e167a068e2d558c4542a141b3edd3ad

Request headers

:path
/images/ximg03.gif.pagespeed.ic.rvkdTx5xYk.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
52
age
11767913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46
last-modified
Thu, 10 Jun 2021 23:01:55 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwkgsWwR4X3EZVPpZfGClVmjB419Gf6CZgZ8zP2l9VlfzskM3l8MQ4rCpkYfK18%2FP7bZGZtdDx2aU%2FTQaFajjpIfa0f3sQBKrI%2B4hWeZB6YIAbem2yPitEqvN2U8SBvy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a3cd5192bccee03-CDG
link
<http://en.ntunhs.net/images/img03.gif>; rel="canonical"
expires
Fri, 10 Jun 2022 23:01:55 GMT
ximg06.gif.pagespeed.ic.MzbzQkFKL7.webp
en.ntunhs.net/images/ 		250 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/images/ximg06.gif.pagespeed.ic.MzbzQkFKL7.webp
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d300afcd9d8841abe499285cb03c3b2e2e6d66ecb0d028d2bba64c77246d47

Request headers

:path
/images/ximg06.gif.pagespeed.ic.MzbzQkFKL7.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:57 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
1979
age
2753909
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
250
last-modified
Thu, 23 Sep 2021 19:32:20 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5uT6FPVnfh2zcEnj5cSTPG7W4mnzFexzYsu7jI0AOyRNYrxovxF3JI7MjWbK%2B%2BxKvgq7TP15bERBudcsplM18T7jDjb2nUrnEBAj%2FfvRz0yxPyX%2BjJJdBNY9%2BfCEcDO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a3cd5192bd4ee03-CDG
link
<http://en.ntunhs.net/images/img06.gif>; rel="canonical"
expires
Fri, 23 Sep 2022 19:32:20 GMT
display.php
www.greatdexchange.com/a/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.greatdexchange.com/a/display.php?r=1079261
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
a77af61be768ce1227a9a844088c78a98b3cd0cc522592b60dc59a9a7c1c07c8

Request headers

Referer
https://en.ntunhs.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 16:30:57 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
banners
mybetterdl.com/adServe/
Redirect Chain
  • https://p93920.clksite.com/adServe/banners?tid=93920_153711_0
  • https://mybetterdl.com/adServe/banners?tid=93920_153711_0
80 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners?tid=93920_153711_0
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
07239c47249d1274fd82766fa758789951780a6c31921863cc0a321e65d22ec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://mybetterdl.com/adServe/banners?tid=93920_153711_0
date
Mon, 25 Oct 2021 16:30:57 GMT
server
nginx
content-length
162
content-type
text/html
BidVertiser.dbm
bdv.bidvertiser.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

Request headers

Referer
https://en.ntunhs.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Expires
-1
Cache-Control
no-store
Connection
close
Content-Length
9014
Content-Type
text/javascript
display.php
www.greatdexchange.com/ad/ Frame 855D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.12828758133882334&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
Requested by
Host: www.greatdexchange.com
URL: https://www.greatdexchange.com/a/display.php?r=1079261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.greatdexchange.com
:scheme
https
:path
/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.12828758133882334&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://en.ntunhs.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/

Response headers

server
openresty
date
Mon, 25 Oct 2021 16:30:57 GMT
access-control-allow-origin
*
via
1.1 google
alt-svc
clear
banners
mybetterdl.com/adServe/
Redirect Chain
  • https://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
  • https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5
79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
dcabc0ad3d847168838f767b84c6aee7796f6538909fb0970362613e1bf59590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5
date
Mon, 25 Oct 2021 16:30:58 GMT
server
nginx
content-length
162
content-type
text/html
bidvertiser.dbm
bdv.bidvertiser.com/ 		0
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bdv.bidvertiser.com/bidvertiser.dbm?pid=556857&bid=1397212&RD=5175958457427&DIF=2
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Len
0
Date
Monday, 25-Oct-2021 16:30:58 GMT
Cache-Control
no-store
Last-Modified
Sunday, 25-Oct-2020 16:30:58 GMT
CONNECTION
Close
P3P
policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type
text/javascript; charset=utf-8
Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame 2A8C 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5329892478765&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5329892478765&js1loc=-&loctitle=%20IP
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
506908098a3901656ef54aa3aee26d38c9171abf9d843a277aa757fb5b535152

Request headers

Host
bdv.bidvertiser.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://en.ntunhs.net/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/

Response headers

Date
Monday, 25-Oct-2021 16:30:58 GMT
Cache-Control
no-store
Last-Modified
Sunday, 25-Oct-2020 16:30:58 GMT
Set-Cookie
bdv_c10p=369; domain=.bidvertiser.com; path=/; expires=Tue, 26-Oct-2021 16:30:58 GMT bdv_c10p=1_1_1; domain=.bidvertiser.com; path=/; expires=Tue, 26-Oct-2021 16:30:58 GMT
P3P
policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type
text/html; charset=utf-8
Content-Len
5319
CONNECTION
Close
display.php
www.greatdexchange.com/ad/ Frame A0B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.7123920862441193&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
Requested by
Host: www.greatdexchange.com
URL: https://www.greatdexchange.com/a/display.php?r=1079261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.greatdexchange.com
:scheme
https
:path
/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.7123920862441193&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://en.ntunhs.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/

Response headers

server
openresty
date
Mon, 25 Oct 2021 16:30:58 GMT
access-control-allow-origin
*
via
1.1 google
alt-svc
clear
BidVertiser.dbm
bdv.bidvertiser.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
-1
Cache-Control
no-store
Connection
close
Content-Length
9014
Content-Type
text/javascript
ui_tag_80.2-1.js
p93920.mycdn.co/banners/script/ 		176 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by
Host: p93920.clksite.com
URL: https://p93920.clksite.com/adServe/banners?tid=93920_153711_0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-2c04a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
expires
Thu, 20 Oct 2022 16:30:58 GMT
it-ui-comp-17.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-17.css
Requested by
Host: p93920.mycdn.co
URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-5df7"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31104000
expires
Thu, 20 Oct 2022 16:30:58 GMT
findBanner
mybetterdl.com/adServe/banners/ 		978 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C&tid=93920_153711_0&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=https%3A%2F%2Fen.ntunhs.net%2FIPInfo%2FEN%2Findex.html&ap=cmp%3DBANNER%26evp%3Dw_Wj54-Mm6R-btvhYvn1Jrr-sMNgHtTcJjKiWE4LQROKdfPFv4dDRvgXWuJqA6s-%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DAll%2520IP%2520address%2520information&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITCagvp1eiysg
Requested by
Host: p93920.mycdn.co
URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
fe3f06f5eabf63f8e14305eec2ba633ccbaa5d70ef559a0cd4ba59f465cf90b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache
content-type
text/javascript;charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce-tag_80.2-1.js
p93920.mycdn.co/banners/bounce/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p93920.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by
Host: clksite.com
URL: https://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-be2b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
expires
Thu, 20 Oct 2022 16:30:58 GMT
it-banner-frame.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame B054 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by
Host: p93920.mycdn.co
URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-858"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31104000
expires
Thu, 20 Oct 2022 16:30:58 GMT
findBanner
mybetterdl.com/adServe/banners/ 		911 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C&tid=93920_153711_0&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=https%3A%2F%2Fen.ntunhs.net%2FIPInfo%2FEN%2Findex.html&ap=cmp%3DBANNER%26evp%3Dw_Wj54-Mm6R-btvhYvn1Jrr-sMNgHtTcJjKiWE4LQROKdfPFv4dDRvgXWuJqA6s-%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DAll%2520IP%2520address%2520information&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITC3duau7raed9
Requested by
Host: p93920.mycdn.co
URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e1f54bc648236694089e57cde5c6127193ed1a7231aa309f171b603f422e7868

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache
content-type
text/javascript;charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
lam_17_en_2.gif
p93920.mycdn.co/ext/onn/lam/ Frame B054 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p93920.mycdn.co/ext/onn/lam/lam_17_en_2.gif
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b083e795327ec3d91dfbe4d0ea3ee652d19e1491dcc575db9cfc1a1f8dea5bac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:58 GMT
last-modified
Mon, 31 Dec 2018 09:56:51 GMT
server
NetDNA-cache/2.2
etag
"5c29e7e3-1a98"
x-cache
HIT
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
6808
expires
Thu, 20 Oct 2022 16:30:58 GMT
default.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 2A8C 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/css/default.css
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5329892478765&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5329892478765&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 06:16:33 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2015 08:25:40 GMT
server
Microsoft-IIS/10.0
age
36873
etag
"70d0ec1947f4d01:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
682
x-amz-cf-id
jZVBYld72Hfq_81djHHJaW33kSe1fVlPGSqh7Y5hEbtLcop6KMYhIg==
278x334.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 2A8C 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/css/278x334.css?cbst=2
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5329892478765&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5329892478765&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 02:43:22 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2018 16:21:03 GMT
server
Microsoft-IIS/10.0
age
49655
etag
"e29fe0557890d31:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
921
x-amz-cf-id
izm2UkyeRcEIv3GeZc-b4UoEi-LU5RM9bm9uPfA58mJTnRRc3CcIsQ==
bdv_fsthd.js
d2b9l3u54v5v39.cloudfront.net/activejs/ Frame 2A8C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5329892478765&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5329892478765&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 00:52:37 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jan 2021 11:27:17 GMT
server
Microsoft-IIS/10.0
age
56300
etag
"977ef3668ead61:0"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
1199
x-amz-cf-id
zjNKUZhR6JxP-btCRVR0HFkslTFJ056uKqQejwhgslffSZkzH1SY4w==
display.php
www.greatdexchange.com/ad/ Frame 543E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.15244190770843535&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
Requested by
Host: www.greatdexchange.com
URL: https://www.greatdexchange.com/a/display.php?r=1079261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.greatdexchange.com
:scheme
https
:path
/ad/display.php?stamat=m%257C%252Cs43JqYjdrB1dAN0dEdHP3xP.0df%252CZMkKdRAQlkuDbgTABrav5K8yP3pyR5AunZtdoHL5fpKm8KpSHx7xvAUrAnGED5GPJu9p-A-7vN4oFEBUjdFrY2A5k54K7jgryPZH6P8-qok%252C&cbur=0.15244190770843535&cbtitle=All%20IP%20address%20information&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=A%20complete%20database%20for%20IP%2FDN%2FWhois%20lookup.&cbkeywords=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C%20search%20domain%20name%2C%20global%20domain%20name%20search%2C%20ip%20domain%20name%2C%20whois%20IP%2C%20IP%2FDomain%2C%20domain%20name%20tracker%2C%20ip%20tracker%2C%20track%20domain%2C%20track%20ip%2C%20IP%20to%20domain%2C%20domain%20to%20IP%2C%20google%20map&cbref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://en.ntunhs.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/

Response headers

server
openresty
date
Mon, 25 Oct 2021 16:30:59 GMT
access-control-allow-origin
*
via
1.1 google
alt-svc
clear
BidVertiser.dbm
bdv.bidvertiser.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
-1
Cache-Control
no-store
Connection
close
Content-Length
9014
Content-Type
text/javascript
it-banner-frame.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 453C 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by
Host: p93920.mycdn.co
URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:58 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-858"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31104000
expires
Thu, 20 Oct 2022 16:30:58 GMT
fallback_17x_en.jpg
p93920.mycdn.co/ext/onn/clean/ Frame 453C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p93920.mycdn.co/ext/onn/clean/fallback_17x_en.jpg
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ab55dbc5cea96ae6448ae8f9cee76548642cb44c8004840bd499c00ef1504498

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:59 GMT
last-modified
Mon, 05 Feb 2018 08:27:38 GMT
server
NetDNA-cache/2.2
etag
"5a78157a-3f24"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
content-length
16164
expires
Thu, 20 Oct 2022 16:30:59 GMT
findBanner
mybetterdl.com/adServe/banners/ 		911 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=%20domain%20name%20lookup%2C%20IP%20address%20lookup%2C%20Whois%2C%20DNS%2C%20Domain%20Name%2C%20ip%20address%2C%20IP%2C&tid=93920_153711_0&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=https%3A%2F%2Fen.ntunhs.net%2FIPInfo%2FEN%2Findex.html&ap=cmp%3DBANNER%26evp%3Dw_Wj54-Mm6R-btvhYvn1Jrr-sMNgHtTcJjKiWE4LQROKdfPFv4dDRvgXWuJqA6s-%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DAll%2520IP%2520address%2520information&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0zJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITC2s2i56jim7w
Requested by
Host: p93920.mycdn.co
URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
73a5f96ff76328d169a033b44f742034dcdca6490ff65c7a2128b689587b2a44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 16:30:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache
content-type
text/javascript;charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame 514C 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=4823298364558&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=4823298364558&js1loc=-&loctitle=%20IP
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
506908098a3901656ef54aa3aee26d38c9171abf9d843a277aa757fb5b535152

Request headers

Host
bdv.bidvertiser.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://en.ntunhs.net/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/

Response headers

Date
Monday, 25-Oct-2021 16:30:59 GMT
Cache-Control
no-store
Last-Modified
Sunday, 25-Oct-2020 16:30:59 GMT
Set-Cookie
bdv_c10p=369; domain=.bidvertiser.com; path=/; expires=Tue, 26-Oct-2021 16:30:59 GMT bdv_c10p=1_1_1; domain=.bidvertiser.com; path=/; expires=Tue, 26-Oct-2021 16:30:59 GMT
P3P
policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type
text/html; charset=utf-8
Content-Len
5319
CONNECTION
Close
it-banner-frame.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame B5DC 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by
Host: p93920.mycdn.co
URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-858"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31104000
expires
Thu, 20 Oct 2022 16:30:59 GMT
fallback_17x_en.jpg
p93920.mycdn.co/ext/onn/clean/ Frame B5DC 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p93920.mycdn.co/ext/onn/clean/fallback_17x_en.jpg
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ab55dbc5cea96ae6448ae8f9cee76548642cb44c8004840bd499c00ef1504498

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:30:59 GMT
last-modified
Mon, 05 Feb 2018 08:27:38 GMT
server
NetDNA-cache/2.2
etag
"5a78157a-3f24"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
content-length
16164
expires
Thu, 20 Oct 2022 16:30:59 GMT
default.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 514C 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/css/default.css
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=4823298364558&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=4823298364558&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 06:16:33 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2015 08:25:40 GMT
server
Microsoft-IIS/10.0
age
36874
etag
"70d0ec1947f4d01:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
682
x-amz-cf-id
NbC0QsWKIMAnQwJ_ozpHXtEPz0kxZSNGezGc7V_X9XwBwIytbXtH2w==
278x334.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 514C 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/css/278x334.css?cbst=2
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=4823298364558&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=4823298364558&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 02:43:22 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2018 16:21:03 GMT
server
Microsoft-IIS/10.0
age
49656
etag
"e29fe0557890d31:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
921
x-amz-cf-id
ytfJW1-7wc9tEAcZFACIw2QPz81UJN-2kWXZgrOnscgOtoLTYINo5Q==
bdv_fsthd.js
d2b9l3u54v5v39.cloudfront.net/activejs/ Frame 514C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=4823298364558&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=4823298364558&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 00:52:37 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jan 2021 11:27:17 GMT
server
Microsoft-IIS/10.0
age
56301
etag
"977ef3668ead61:0"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
1199
x-amz-cf-id
8rxHM2uKESL-irJRQj6qFY5m2hdBqN4qMyUxzJnWikp_FNQugvVNTw==
AngleCamEN2.png
en.ntunhs.net/ad/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/ad/AngleCamEN2.png
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5d5e64128f409b394dc3c8807089e99b24f9724c834b31461c6400c6655147
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/ad/AngleCamEN2.png
pragma
no-cache
cookie
rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:31:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-original-content-length
29361
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25086
server
cloudflare
etag
W/"PSA-aj-Vc4EiQaVf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5i2sVm03RycIFWLsgdR1%2FlkdTyG1k9dsqKto7RS3S0yiUeH3wcE1sqHZ8uEw7tt9JUBKkUSsgROgsmNlkL5OEOa2inbCx32Uh8cK8HQSXFtpf9ZoZ2IcfWYJpkm%2BXKV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6a3cd5271834ee03-CDG
expires
Mon, 25 Oct 2021 16:30:07 GMT
search.png
en.ntunhs.net/ad/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/ad/search.png
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d413a612e2c207b35736597212e46ac6e029d9c49df6c9b5152e0980b9a9d66c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/ad/search.png
pragma
no-cache
cookie
rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:31:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-original-content-length
28599
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26336
server
cloudflare
etag
W/"PSA-aj-zf5uFdYUfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKnVakczkxenuV5ORm7aVUvGtZjXJwHh6ZWhPohBF6VqohpZypf4d39XPH7JHHU9VGaZd5ViXFPw2SpqH%2BJasiTWK4Svx50qnvsTYiaF3Ywe8Q8dXYRTh0zNLBhuD4hj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6a3cd5271836ee03-CDG
expires
Mon, 25 Oct 2021 15:17:39 GMT
language.png
en.ntunhs.net/ad/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/ad/language.png
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a71b56b2b21ba875367287ce83440fe06da5dd8270bc46b2bffb0045921cca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/ad/language.png
pragma
no-cache
cookie
rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:31:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-original-content-length
54636
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53710
server
cloudflare
etag
W/"PSA-aj-CBguAPd6hs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRo3VtsBefPkYx7OuP%2FJyNsVfTe0Gv2iUzjfJ6yIpKaYlvsATlLlQD82dABOHjFmYxHTtJiosb%2FXlkZfYb9%2B9sZRZpJSXX66C0jubkMAzjbPYepLSut7Qj7Hnw59ZF9w"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6a3cd5271839ee03-CDG
expires
Mon, 25 Oct 2021 15:02:06 GMT
ximg04.gif.pagespeed.ic.Qn6LPHKUHi.webp
en.ntunhs.net/images/ 		82 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ntunhs.net/images/ximg04.gif.pagespeed.ic.Qn6LPHKUHi.webp
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5edb41fcd2f0b554544379b048f2d2ead8ba2db0b0743e7d0857488e355858

Request headers

:path
/images/ximg04.gif.pagespeed.ic.Qn6LPHKUHi.webp
pragma
no-cache
cookie
rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/js/A.style.css.pagespeed.cf.-GKIhUPb9k.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 16:31:00 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-original-content-length
96
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
82
last-modified
Mon, 25 Oct 2021 15:22:07 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bJDoPdwuqVtYJDTqj9OUtxZ76xqgrhP8KynVuqUnRl4Gmx0zrYdHHlYUu5NNTFzBUURre72XdKu1abPzeapQSNoOaBoIZc%2Bglts6QaRZrIbXr78qY1srNuYm5BeRPVz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a3cd527183dee03-CDG
link
<http://en.ntunhs.net/images/img04.gif>; rel="canonical"
expires
Tue, 25 Oct 2022 15:22:07 GMT
Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame 6EA7 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5317702522882&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5317702522882&js1loc=-&loctitle=%20IP
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
506908098a3901656ef54aa3aee26d38c9171abf9d843a277aa757fb5b535152

Request headers

Host
bdv.bidvertiser.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://en.ntunhs.net/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://en.ntunhs.net/

Response headers

Date
Monday, 25-Oct-2021 16:31:00 GMT
Cache-Control
no-store
Last-Modified
Sunday, 25-Oct-2020 16:31:00 GMT
Set-Cookie
bdv_c10p=369; domain=.bidvertiser.com; path=/; expires=Tue, 26-Oct-2021 16:31:00 GMT bdv_c10p=1_1_1; domain=.bidvertiser.com; path=/; expires=Tue, 26-Oct-2021 16:31:00 GMT
P3P
policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type
text/html; charset=utf-8
Content-Len
5319
CONNECTION
Close
default.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 6EA7 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/css/default.css
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5317702522882&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5317702522882&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 06:16:33 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2015 08:25:40 GMT
server
Microsoft-IIS/10.0
age
36876
etag
"70d0ec1947f4d01:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
682
x-amz-cf-id
hPMqgTRfk2EKMUXtN-MrCmtr2F470J9t_HfI6uQfAVXCqgmMmKnV_A==
278x334.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 6EA7 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/css/278x334.css?cbst=2
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5317702522882&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5317702522882&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 02:43:22 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2018 16:21:03 GMT
server
Microsoft-IIS/10.0
age
49658
etag
"e29fe0557890d31:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
921
x-amz-cf-id
ERsUstV_8rk5bH0TPKCyJEztyxP-DOc8h39JEyUAFAYLlvX0smMmWg==
bdv_fsthd.js
d2b9l3u54v5v39.cloudfront.net/activejs/ Frame 6EA7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
Requested by
Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212&RD=5317702522882&DIF=1&bd_ref_v=en.ntunhs.net&tref=1&win_name=null&docref=&jsrand=5317702522882&js1loc=-&loctitle=%20IP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bdv.bidvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 00:52:37 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jan 2021 11:27:17 GMT
server
Microsoft-IIS/10.0
age
56303
etag
"977ef3668ead61:0"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
1199
x-amz-cf-id
eNkApTj6CS4OhOLh28D4IsKqefwy0wOax-xlBTVtNBLiKWuvmPgyYw==
mod_pagespeed_beacon
en.ntunhs.net/ 		0
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://en.ntunhs.net/mod_pagespeed_beacon?url=http%3A%2F%2Fen.ntunhs.net%2FIPInfo%2FEN%2Findex.html
Requested by
Host: en.ntunhs.net
URL: https://en.ntunhs.net/IPInfo/EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://en.ntunhs.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
rhid_c=0
content-length
41
:path
/mod_pagespeed_beacon?url=http%3A%2F%2Fen.ntunhs.net%2FIPInfo%2FEN%2Findex.html
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
en.ntunhs.net
referer
https://en.ntunhs.net/IPInfo/EN/index.html
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://en.ntunhs.net/IPInfo/EN/index.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Oct 2021 16:31:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wol0sHAGnTdm7y53s0u6VCJfqvLlP23RPn0lpE2IA6DjQdGZHOyi5H3KmL2Q%2B0PWXUiWYZAfHWNcbXtiPwWl3DU7zMTqEtel7yOds9ilwR%2Ba61GhkNAmYwO978MZlxwi"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache
cf-ray
6a3cd52f7ca9ee03-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect boolean| originAgentCluster string| mod_pagespeed_HSWP9g5H70 string| mod_pagespeed_nVkrV_lJ8A number| SW number| SH number| SD object| pagespeed string| mod_pagespeed_C2582D3yf4 string| mod_pagespeed_4rq88P57Or string| mod_pagespeed_v7cPBEgqQK function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser object| builder string| url string| content function| L1ss function| l8T number| w5YYYY function| F1ss object| _$cmp object| _$pt function| F4cc function| setImmediate function| clearImmediate object| _rhat4 string| _p string| BDVHDRFUNCS number| statechanged object| bdvscripts object| myScript string| myScriptSrc object| docscripts number| bdvfound number| docscripts_index string| tmpScriptSrc string| queryString string| dec_pid string| dec_bid number| doppdano object| mybvD string| nocachen undefined| bvdbgwrbnr object| _mq number| BDVADCNT object| bdvcheckBody string| ifrdom object| _anmq string| BDVINJFUNC string| loctitle number| tref string| win_name string| docref string| currjs1loc string| trcref number| locfoundmeta object| bvlockeywords object| bvkwarray object| bvmeta number| bvx number| bvy undefined| bvtttilemx number| kw2try number| gapp object| bdvmntppchk object| bdvmntsldchk string| bdvbnr2_rnd object| bdvfrstobjwrp object| bdvsndobj object| params string| method function| getQuerystring3 function| bdvfixqs function| bdvbnrsetCookie function| bdvbnrgetCookie function| bdv_setifrmsize function| bdvprocess number| sndmx1397212 undefined| __residual undefined| __abstract undefined| __optimize function| Edd2906Ae488 function| _bp object| rhpt18926 function| _$ object| myiframe object| ADs function| RandomADs object| d

3 Cookies

Domain/Path Name / Value
.mybetterdl.com/adServe Name: capdata
Value: 490218s.1_1635179459%7C714719s.1_1635179458%7C643145s.1_1635179458
en.ntunhs.net/ Name: rhid_c
Value: 0
.mybetterdl.com/ Name: rhid
Value: 79960490475

10 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.greatdexchange.com/a/display.php?r=1079261, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.greatdexchange.com/a/display.php?r=1079261, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://p93920.clksite.com/adServe/banners?tid=93920_153711_0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.greatdexchange.com/a/display.php?r=1079261, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://p93920.clksite.com/adServe/banners?tid=93920_153711_0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.greatdexchange.com/a/display.php?r=1079261, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://p93920.clksite.com/adServe/banners?tid=93920_153711_0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397212, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdv.bidvertiser.com
clksite.com
d2b9l3u54v5v39.cloudfront.net
en.ntunhs.net
mybetterdl.com
p93920.clksite.com
p93920.mycdn.co
tracker.ntunhs.net
www.greatdexchange.com
104.21.8.118
173.192.101.24
18.66.121.84
35.201.103.0
54.241.51.109
94.31.29.128
07239c47249d1274fd82766fa758789951780a6c31921863cc0a321e65d22ec4
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
1487124cc03b9f8bf440b8fa727cafe299a564fabefbf4e923df210352f0da99
26a71b56b2b21ba875367287ce83440fe06da5dd8270bc46b2bffb0045921cca
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af
2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002
3f3cfb3edcca5285b4753ed44519f2cc1e167a068e2d558c4542a141b3edd3ad
506908098a3901656ef54aa3aee26d38c9171abf9d843a277aa757fb5b535152
50c5aaf8fce8f2b07b928eaa46ab4f7b0fa1c50b72b1a2a8c61f496e5bb5502e
5e5eb667363388fc2b477594a410afd53abc3c33021b40de140fe52a16e836f9
60c41d8b4f88460344083f31cdf52f55c55df9a05fcbab462968a413e27546e8
73a5f96ff76328d169a033b44f742034dcdca6490ff65c7a2128b689587b2a44
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
9a5d5e64128f409b394dc3c8807089e99b24f9724c834b31461c6400c6655147
9c5edb41fcd2f0b554544379b048f2d2ead8ba2db0b0743e7d0857488e355858
a77af61be768ce1227a9a844088c78a98b3cd0cc522592b60dc59a9a7c1c07c8
a9d300afcd9d8841abe499285cb03c3b2e2e6d66ecb0d028d2bba64c77246d47
ab55dbc5cea96ae6448ae8f9cee76548642cb44c8004840bd499c00ef1504498
b083e795327ec3d91dfbe4d0ea3ee652d19e1491dcc575db9cfc1a1f8dea5bac
d413a612e2c207b35736597212e46ac6e029d9c49df6c9b5152e0980b9a9d66c
dcabc0ad3d847168838f767b84c6aee7796f6538909fb0970362613e1bf59590
de88f686fd14ecca7e6addc021de16209e8cda948a9d3eb9f8d492ac9bd08f75
e1f54bc648236694089e57cde5c6127193ed1a7231aa309f171b603f422e7868
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2eb56db064f8970ff0fa9e08dea4cc2c811bdced753e18829550f1efc67a9bd
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
fe08d8b9b5cce12bc7d204500e5665add3225795e02b445c0cdaf6fe6be42c21
fe3f06f5eabf63f8e14305eec2ba633ccbaa5d70ef559a0cd4ba59f465cf90b8
fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d