link.uhc.fr.nf Open in urlscan Pro
45.87.41.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.link.uhc.fr.nf/
Effective URL:
https://link.uhc.fr.nf/
Submission: On March 24 via api (March 24th 2024, 6:22:46 pm UTC) from US — Scanned from FR

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 24 domains to perform 55 HTTP transactions. The main IP is 45.87.41.89, located in Groningen, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is link.uhc.fr.nf.
TLS certificate: Issued by R3 on March 23rd 2024. Valid for: 3 months.

This is the only time link.uhc.fr.nf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.87.41.89 45.87.41.89	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3030::6815:b3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3030::6815:251b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	5.45.74.150 5.45.74.150	58061 (SCALAXY-AS) (SCALAXY-AS)
4	2606:4700:303... 2606:4700:3035::ac43:8726	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9273:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9274:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	2606:4700:303... 2606:4700:3033::6815:5e4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	50.7.24.35 50.7.24.35	174 (COGENT-174) (COGENT-174)
1	2606:4700:303... 2606:4700:3035::ac43:be41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.206.168.17 109.206.168.17	50245 (SERVEREL-AS) (SERVEREL-AS)
2 2	109.206.162.121 109.206.162.121	50245 (SERVEREL-AS) (SERVEREL-AS)
2	136.243.32.106 136.243.32.106	24940 (HETZNER-AS) (HETZNER-AS)
55	24

2 45.87.41.89 (Groningen, Netherlands) 1 redirects

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: static.45-87-41-89.spectraip.net

www.link.uhc.fr.nf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link.uhc.fr.nf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:b3d (United States)

ASN13335 (CLOUDFLARENET, US)

fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:251b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyfast.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www1.btc747.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

nwwais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.45.74.150 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, LV)
PTR: zmta28.corpresponse.com

greenfox.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::ac43:8726 (United States)

ASN13335 (CLOUDFLARENET, US)

1337x1.wb4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9273:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

tdmrfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wivyiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9274:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ptxhzp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5e4b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

revive.stats.rip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.7.24.35 (Halfweg, Netherlands)

ASN174 (COGENT-174, US)

amd-cdn-1.absole-catenaliggette-i-282.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:be41 (United States)

ASN13335 (CLOUDFLARENET, US)

px.greenfox.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.168.17 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.168.17.serverel.net

jswww.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.162.121 (Amsterdam, Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 121.162.serverel.net

imcod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.32.106 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-206.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1728	62 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	578 KB
6	greenfox.ink greenfox.ink — Cisco Umbrella Rank: 231696 px.greenfox.ink — Cisco Umbrella Rank: 266068	9 KB
4	wb4.xyz 1337x1.wb4.xyz	30 KB
4	jdi5.com fastcdn.jdi5.com — Cisco Umbrella Rank: 911383 counter.jdi5.com — Cisco Umbrella Rank: 818031 imgcdn1.jdi5.com	5 KB
3	btc747.xyz www1.btc747.xyz	3 KB
2	cdn.house img.cdn.house — Cisco Umbrella Rank: 8133	7 KB
2	imcod.net 2 redirects imcod.net — Cisco Umbrella Rank: 12399	846 B
2	google.fr www.google.fr — Cisco Umbrella Rank: 14198	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2066 www.google.com — Cisco Umbrella Rank: 5	453 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195	396 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	82 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1828	27 KB
2	fr.nf 1 redirects www.link.uhc.fr.nf link.uhc.fr.nf	3 KB
1	jswww.net jswww.net — Cisco Umbrella Rank: 913130	16 KB
1	absole-catenaliggette-i-282.site amd-cdn-1.absole-catenaliggette-i-282.site — Cisco Umbrella Rank: 234352	46 KB
1	stats.rip 1 redirects revive.stats.rip — Cisco Umbrella Rank: 134653	589 B
1	ptxhzp.com ptxhzp.com — Cisco Umbrella Rank: 70902
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
1	wivyiz.com wivyiz.com — Cisco Umbrella Rank: 63218
1	tdmrfw.com tdmrfw.com — Cisco Umbrella Rank: 62075	157 B
1	nwwais.com nwwais.com — Cisco Umbrella Rank: 155756	25 KB
1	tinyfast.xyz 1 redirects tinyfast.xyz — Cisco Umbrella Rank: 905199	466 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 716	30 KB
55	24

	Domain	Requested by
7	www.googletagmanager.com	link.uhc.fr.nf www.googletagmanager.com www.google-analytics.com www1.btc747.xyz 1337x1.wb4.xyz
6	www.google-analytics.com	counter.jdi5.com www.google-analytics.com link.uhc.fr.nf www.googletagmanager.com
5	greenfox.ink	www1.btc747.xyz greenfox.ink
4	1337x1.wb4.xyz	www1.btc747.xyz 1337x1.wb4.xyz
3	www1.btc747.xyz	link.uhc.fr.nf
2	img.cdn.house	srcdoc
2	imcod.net	2 redirects
2	www.google.fr	link.uhc.fr.nf
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	counter.jdi5.com	link.uhc.fr.nf counter.jdi5.com
2	cdnjs.cloudflare.com	link.uhc.fr.nf cdnjs.cloudflare.com
2	maxcdn.bootstrapcdn.com	link.uhc.fr.nf
1	jswww.net	1337x1.wb4.xyz
1	px.greenfox.ink
1	amd-cdn-1.absole-catenaliggette-i-282.site
1	revive.stats.rip	1 redirects
1	ptxhzp.com	nwwais.com
1	pagead2.googlesyndication.com	nwwais.com
1	wivyiz.com	nwwais.com
1	tdmrfw.com	nwwais.com
1	nwwais.com	www1.btc747.xyz
1	www.google.com	link.uhc.fr.nf
1	region1.analytics.google.com	www.googletagmanager.com
1	imgcdn1.jdi5.com	link.uhc.fr.nf
1	tinyfast.xyz	1 redirects
1	fastcdn.jdi5.com	link.uhc.fr.nf
1	ajax.googleapis.com	link.uhc.fr.nf
1	link.uhc.fr.nf
1	www.link.uhc.fr.nf	1 redirects
55	30

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
link.uhc.fr.nf R3	`2024-03-23` - `2024-06-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
jdi5.com GTS CA 1P5	`2024-03-13` - `2024-06-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
btc747.xyz E1	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
nwwais.com GTS CA 1P5	`2024-03-20` - `2024-06-18`	3 months	crt.sh
greenfox.ink R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
wb4.xyz GTS CA 1P5	`2024-02-16` - `2024-05-16`	3 months	crt.sh
tdmrfw.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
wivyiz.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
ptxhzp.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
jswww.net R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://link.uhc.fr.nf/
Frame ID: 5EDA8555F91414F167C064DF709708E4
Requests: 25 HTTP requests in this frame

Frame: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Frame ID: A369541FF559BED114604D9663190EA1
Requests: 19 HTTP requests in this frame

Frame: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html
Frame ID: D0CD67C9CCFDAFAF7969E906FDE72D5F
Requests: 8 HTTP requests in this frame

Frame: https://img.cdn.house/i/1/e7ZHVOgntf01GID9yToqvMxHtBXfZheXA62C8OPfqbBMYcGPCcu86ulm4j8G3Q1-0Iw1S-WwHQLStH6B9pwIiRmKxu52GdSgeTNtQAK_q4aN0YVbF4SgrDjinO43wrsCSf7hf3JzDj_RsTAovFWGoPml6rAGCEYpi63W2Sj4n6EcQJ9mGU4qTM-g5kTnWck=
Frame ID: 8EB361800CBB9F67E2852E229C6345D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

link.uhc.fr.nf

Page URL History Show full URLs

http://www.link.uhc.fr.nf/ HTTP 302
https://link.uhc.fr.nf/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

91 %
HTTPS

77 %
IPv6

24
Domains

30
Subdomains

24
IPs

4
Countries

960 kB
Transfer

2432 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/
Title: Join Us On Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.link.uhc.fr.nf/ HTTP 302
https://link.uhc.fr.nf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://tinyfast.xyz/red2.php?rand=zH23fc50bede941d0251e3034aa3a3f5d7&id=27 HTTP 302
https://www1.btc747.xyz/submit.php

Request Chain 45

https://revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.absole-catenaliggette-i-282.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg HTTP 302
https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg

Request Chain 51

https://imcod.net/b2/l/i/icon?asid=3288688236pQcnNbeq&cid=1&did=ZkdkY3o&eid=10592&n=bcab2c5b58c0cbae4def4d14&nid=1&sid=CUMWNbWwAQ1dQi%2FMPG59G%2BuGX5DxSCKfzdNNYaC5Zp7AIAiGtsAK902dfka3%2BmcM5VB8R5oMxHbZzJnDXiHEMEK9zKyLNO0ut0dd6yH8MSgERh2%2BEGGsC82P3cJfiqlmR9ktOMPc%2FMBUAf35ipUqsoRYi5eoTTZKUHuChxJohGRJBXW1MXmDgW1Gn9e31DuRYZnikqOaGRFFErGrgrKo%2FAa9n%2FBc3Y244LPTnTRzkSXJP4WK5wcRh7n3UN7dZLcSgGnyeYGvuvLLkWy9YZfhKdBKkZRqAzvDYBhyGjhmj2ne0g0ZtCdMt0I5rIflPs89bmEpgHfl4IM0yjCPv8%2Bx054v4Djp3v%2BQcmuPbvU7jZurZrjtWThceRVKgfmw6Dcx%2Fte9FIaoaarLq%2FvSI2Fee9QmyNv4szY4oQkMxKpngpJbwct%2BkJfT5DOfz5IGYc6nTBgJmFVkhC4jdfKJJMyrlhckNpfK%2BnHtbNO9UjqI3ikLjs9ds5xI86A797Ti23wGNnK%2BegzEryyHwm2wATz4qt5tnI1kvqKq0bV1mG563yVw3bFtJ7tBGAXt9P%2FVez3JB4dQDbD1Am72VA0hkOM3MrEE5gsY2D0HTcHkTkTKJK2vtoqy%2BgP%2FOikCPm5tMMVMOZkk7ZMWBiR4QWwraLexwTW0hupLc8vClMVm2D0B0CKkI%2BaC%2Fn0rrtD%2BcuKKzT9HYnR8QHZuV0F%2FEx7lrQH4YZPadQm5jdpFRjP8ni0V7idAkr3k7fvQ3m%2F6y4%2BajnfPrSePP7N%2B%2FPhDn%2FvRbheT1lvUxhHUGXetOOb6jjlOpknmq9ZEo%2FVOaSJ78zAuuV17OMSp%2B0M93M%2BivDY7lias6l6IpJQ9tNydVvPHiEaq%2BMJYe9v14M%2FDLLgQ%2BUvI%2BSCDf6G2ky52qwRCC9FGHpFe1NgEcsRpsPNGRCeDMPay384dUxq4N1Ll8hQMxpRxzvoYgHWcF4FRfqXkis7j%2Fwe50vPf%2BEsuajQZgrtFPqlW4NyvloyVP8sJNNTGBGIRcLBRk0XybpH55tMb7MIKjIjbh3q6c0%2FrWkGhsIPVqVAwIoVM8UtqLD%2FvEx2oiTvoApz6Way5qtKM4lvLNzPvu2sXLos1DJLtq92e4Tz4%2BAEOAF9TbL2SWeK2BmbU%2B1BL1P1c9Ek9mXBCxw2bcVPKsTn6BRo1RBaIontmSbvlLGf67iVue7oxdW67WhE8PPSVoGtdSDAolobEu93jJmNWS%2FaRbzA7M0vYT8mQLyaRU%2B%2BM3q4NXpyxizlIY9RCYI9iL9GdU4NTLrIXy%2BbY0AMjZbde99bd3SVW2D0i%2FaU9Y2G4we6ZpmNg68ZWl5UxrgbaCfsyys569n2WrAzQKFSouo7ej3PaVkjLQj6uYAzGcxgPtY8WlGwC0htWRenhGOG9DF0C8KisHRyu99JEwLlzrIntaIyIrR58%2FqxJdzqR%2BzMHYiENhsRIAQy4i5M1MudRVe7COF6BPURMfiagLkOQZaHSwvSUYIDdPL6kYmy6dN84CqPLW78EvpUEVx2reNCAvMi8mBk7%2FMcMhfERxoneg1HP4Gde2YKC1cKHunvzWo0GQXuyKpEsfGTXTw8z7XB7nyUZ27xfwUoFo6gOm3xZio6z%2BqUynLmDSb2k7DsaGyaepJG%2BPnxRn%2B4u8PTU6WvyxyII9rAnjdg0IsMd8g%2FYXN3mIrbN0cFEOcAq4s6VvBON82vr5YYSc%2F8rWhEluXJ2Q0Ql3lXSuYet2d8BMyRDiSrUuWxWGZ%2F0jypRrCbnBpW351%2FJiWnhwGZ0nt%2BBjEVky8WYP2qdE%2F3wtd%2Bzqxzgzf8FO5nz2FZYOXa49vddkFRiHK3dqc719%2FvBCmqz4ABB5BpcZL%2BU62hBspKkA5xRF80h0H4WxpfkjweklwzJ9mUcgGMgVewwMtR0d7kmK%2BTvwxcIX6M8VxqLUHnwBvJfVul6lf3A30za9Aap0VNQ%2FD5Hel4owMRAHBjv3SUjk%2FJduSst4BtDXPJieiTwH71G23AFados2FZwYBSapjhuLzLvL3Kaw%2B0of2Oa9vJHB57%2F1qVMY59Axkz%2BUcw&ssid=3288688236pQcnNbeq&ts=1711304564&ttl=7200&v=v5.11.2 HTTP 302
https://img.cdn.house/i/1/e7ZHVOgntf01GID9yToqvMxHtBXfZheXA62C8OPfqbBMYcGPCcu86ulm4j8G3Q1-0Iw1S-WwHQLStH6B9pwIiRmKxu52GdSgeTNtQAK_q4aN0YVbF4SgrDjinO43wrsCSf7hf3JzDj_RsTAovFWGoPml6rAGCEYpi63W2Sj4n6EcQJ9mGU4qTM-g5kTnWck=

Request Chain 52

https://imcod.net/b2/l/i/icon?asid=3288688236eBytDkMq&cid=1&did=fE1tRHM&eid=10592&n=b43ee62f8b15fa33f4ddf60c&nid=1&sid=teqc2gxj23xLhX61Bspj3Yt%2B3KW7Rga51yiMkIREDTx5qb62DgDkQtypIQ5gC566lSsLYS4JAAxk7tk7TdjLrv16Fm9pf84TlTZKujnYAMmLRd9ebsOMcwOEk28wfj79r6rq63D13KCfgiky3cw%2BISWSO41UNt8HccCfI4xSQDUirEAylZHSV4QOkKF3Ejoj9Gy01iEkRBWXd7aQ7xEc3iKRfO%2FLug72tLfYOYJL1ZP2fYibFwBWLNK2zWQ2jtgrOdkEiCjYsjbAqySEtCGmjqOx%2FBn82b4EzIW%2B9j96NrNTJCUk7RJITydisKjkHJsBYPw2WF3Mrnu06hXI2wFcMkxf6AHEiiAWRDFNnS%2FzdL2adDz2%2BZgrtKmHM1tIYj0f7oLIyDDQ8UYi485WP7zgXZReycZRtqBZRvVjf5PU1cZQFGCuNAxrJhuOHpHNCF3ef%2Fes5KiBKBhemyUFV73%2FTNPc1t2aKuBHmelyc3iJCk5BmvQpn9inaJ0vILx1T%2FAldz%2BNGX%2BP74ApoE4Pj23ggKC7Un682BqvuJghD%2BXcubFBTSRYk85Tov5jTK38RnkNN4hQXMtuDJHgGz0x7l0eYPA3A1n6t2K6BgZZTlS6%2BnDVM8XLYzgzbATMFUVSTW62mwjMcYCJ6yJj0BDo5WQHwezDNicLjPCE%2Fg7A%2Bp7%2F8eWBz0FR0BlVa%2BJHAvOfVRxsnwzYu3mBPKkHutXlB1kFycYZ0P9UinI8nQzsGBi68qlgZgZw%2BnxfIarGlGiUnfP7e2kuNQbhC%2FNElpV0dAnR81eHQy%2FIg17HkDUMBwqeB4zgSUGRVBJnZ%2BOq2aagOh5pkLtTyyGGrkg4aRv7wVBIFxh1sry1kHiGjRWuIKvdyEBpJFyzRj3AvPv4JxOUAAJ7%2FOCCknlQgLTSncATgbXzt2dt1dt1IDqCjCvrqtSpbL4SdeSH3TiOYT32RMq9FCpeMU%2B%2B12GhCxnRDUl7G0psyLrdOI2%2BeLvXJbkOGc4j%2F6KXs4fuMU1j0qSiyT%2BrwRtlI2Kzw33q1JGB5ehTfokiaM%2FM%2B2oHIMl91nhhsU21NJdJuLejKFuKNrMxt7x%2BHIXKgdZ4unQETWwrEBXk7ki8Klt3FWHVHcQFiHBW9DnlIsOX4RiqmWYxbWVgXnKS2cB3OapIJABtCKZcRVeXdhBBVHqnpUmdO9I1i13VPbmzYLA9jxhkZq2%2FGHpad2%2FEA4ugm4jNpN5VAtNn%2BO0d6j%2FFqKgOx9wT5XOcV4n0zcUCKqHpjAIfBJpkFrXiYTn9Cl86ZjZ4K5o5MrZLSLmgze4MjE3a6gLhGPNUZagrgPAVfeSx9uT5uqbKWEu69BBu4nOxYrct1rA0Ep2bIW3zbpKabxT8AdGJPdN4fVLvSRoi0zvb9ryPSsBcfQbvaRNdR4ZI%2BgI0kPjrP6Qh3CJ0fbY9IlPWAfXeO2EHgxp%2BN5hCAzXWxii3XurWebHsNaa8060zGbt69nom9Yt794JLgWXJsHCTpiQ%2FHgR85lBKfaHQB23B36aAlvObLSAKlXEx9MPbVnyyQZrhmwKGByzgOJSARJwk2GDpUYZY4p07s9A%2BHfVeUJKoM9asHgVGQQo1e0g50%2FugqcwTZoCsJ0HNNDbCj7pipKWeY%2F2MngLgtoNUktGI8UbxxofQ%2BEywibwMaoNu8c3kccJquJn47fHHQVIUQs48W%2F%2BuGIOFXcOIUavhOIyXTLeaTVhNoDD03WYyh5BEmJzH8XUATU91yyzszkL60P1U3fYnThFURzGMFNxsoxeGyEv2yGKTnHg%2Bnj4jvfP%2F75OVGzmf6dZYcaeKs%2BzFlfhceLLJApGZhFWCrKR1LHnzrEz%2BeEsUuYo8AJxHirNMoeRG54q3hSynxTuJbso%2FVNqCzHmqTre3Cw3rDEJXm3Frgfs6ishRJaXZJoYl7qt%2FLHDl4lGtUiXfpX8Y49umKFQloT26QTcYfVAamXGObKKUYFztRiDpl%2F4Ud231n39devlzrs0aPR8Q5ysfGWnWZ%2FNt07NTBqqTjSQk2nTIiLlmiBJu5SYqnEMZ6MrD8ewOd4X%2BVXNaEbo&ssid=3288688236eBytDkMq&ts=1711304564&ttl=7200&v=v5.11.2 HTTP 302
https://img.cdn.house/i/1/RQ0KxWvcNABMfBHrTPNiQ9B8RyJ0ZnEZFhZRAyDznuUlBGiroXh8yvizhw7i8PqYw8tl8yy1Czv9YaBJeKBfaaxVzEpCeC8UpToUuWcAayM63iojLeIFCXDND8nhmKZPyucZm4KU4GZNAVQCcFd9jogVWG0aykudvUuPRQF_aQYw3zPQULOa3HR7qvaRbmY=

55 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
link.uhc.fr.nf/
Redirect Chain

http://www.link.uhc.fr.nf/
https://link.uhc.fr.nf/

7 KB
3 KB

356ms
262ms

Document
text/html

45.87.41.89
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://link.uhc.fr.nf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.87.41.89 Groningen, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: static.45-87-41-89.spectraip.net
Software: nginx /
Resource Hash: 3f66bdcd6040eabbf557be6bdf019ed229ca76b8d4320eb10f4a6d88a0aa8f3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Mar 2024 18:22:42 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Mar 2024 18:22:41 GMT
Location: https://link.uhc.fr.nf/
Server: nginx

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 97ms
30ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 10:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Mar 2025 10:14:03 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 82ms
35ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1187
age: 1118297
cdn-cachedat: 11/26/2023 18:55:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f72c912a91eac1cb82014249d0b7d811
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 8698b02a4b6f2a14-CDG
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 75ms
30ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 145234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjLt%2Bo12IDEDVrhZZ3nrqUf8X2iZ5vW5L0rUR7De7e%2BpwjjlkeSCcN6vzPShqOqb7zueHCBIRpodF8G%2FK6Ly%2FOgkwEv9R6Dl%2Fwh1HgVCfaLd0gQf6qE%2FmuC%2FvDQmfVeRBrMU737%2F4PHusKrPwWad9tOQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8698b02a3e5c6f1a-CDG
expires: Fri, 14 Mar 2025 18:22:42 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 80ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1074
age: 1130650
cdn-cachedat: 10/31/2023 20:14:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7f89537eaf606bff49f5cc1a7c24dbca"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dae22ca512c47a2f5ffdb5a789e9f414
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 8698b02a4b712a14-CDG
cdn-requestpullsuccess: True

GET
H2 200 style.css
fastcdn.jdi5.com/css/allahrakkha.wapkiz.com/ 6 KB
2 KB 91ms
31ms Stylesheet
text/css 2606:4700:3030::6815:b3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/css/allahrakkha.wapkiz.com/style.css
Requested by: Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:b3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 74e97309e0e48fab9313ec0892d90ed8c9aa859d25e131f186e49d66e016690e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50539
cf-polished: origSize=5883
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Mar 2024 04:20:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4i%2BS9wcfqqEZIc0HKGz0SMb%2BCcTK3D%2FcuFmDgMJxk26ctkNgpP8Z8eecOtKCl1viDC3Chb%2Fh4%2BD0afF1C1HsvqMc3E%2ByF%2B8OSAuIVxJCm89HuXK1e8R4dki1FMR8xq5T72onRqjy2G60QB4w6pCS"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 8698b02a5e3cd34b-CDG

GET
H2 200 online.js Show response
counter.jdi5.com/ 3 KB
2 KB 94ms
34ms Script
application/javascript 2606:4700:3030::6815:b3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/online.js
Requested by: Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:b3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 634834
cf-polished: origSize=4470
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Oct 2022 16:12:30 GMT
server: cloudflare
etag: W/"63404fee-1176"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxNIPlefJDd7DVYYVYxAs3mQhARxhTwrCtvsJofuzJ%2F2tONgF6ms8ziPDMiiNWX2iQU4INcnoVlzVIrJXSyzXcOFbVdGtDOwPN6ulVablMteBRSoOzaLVUmH87vjvnZRpmsme1Kyy5FAQk4g2qUI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8698b02a5e016ee4-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
98 KB 106ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08b44ec0129ac544b69db7dd0f064261099dbfdf4f46925d0c2e4ec57997c49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Mar 2024 18:22:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 95ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Mar 2024 17:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2640
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Mar 2024 19:38:42 GMT

GET
H2 200 fc.php Show response
counter.jdi5.com/ 49 B
565 B 43ms
42ms Script
application/x-javascript 2606:4700:3030::6815:b3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://counter.jdi5.com/fc.php?id=89cdaf32668c1107df49efe9230d6518&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ref=&pn=https%3A%2F%2Flink.uhc.fr.nf%2F&wh=1600x1200&rand=100

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:b3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51c6a5046513f0ee347242b4ceefaf3170927af9ee6e691768a2aa281da3982f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtLggsIT0%2BGpK3wgn6qguU8QGGtE5flT3HKti%2Fa5geZ64%2BLn%2FGzgUWuBbBOBfpZRzY3jitQztl6IWWKB4LPWhBGLGgRtA94MyL8EFt0PuRnXmhPjzexGs%2FEJsdTO4Yo0xGAd8RGfTGEQdi09GI%2FH"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=2592000
cf-ray: 8698b02ade796ee4-CDG
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 23 Apr 2024 18:22:42 GMT

GET
H2

200

submit.php Show response
www1.btc747.xyz/ Frame A369
Redirect Chain

https://tinyfast.xyz/red2.php?rand=zH23fc50bede941d0251e3034aa3a3f5d7&id=27
https://www1.btc747.xyz/submit.php

357 B
634 B

336ms
246ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/submit.php
Requested by: Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5204b2513f54f975e4446c5a4228ed8393dcbb5e509f473e85277d11fb9ccd44

Request headers

Referer: https://link.uhc.fr.nf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8698b02c0ed62a79-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 18:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqWY0sjoAufNLnIHM8x9POElNiY17Nd6mL58EVps4VynS871Yv52kqx%2BLgKFvoOajAgxKggxU%2B4wZEaCGEiqPsucs99GkPd4VfGqY6km4X2ejm9RRx8xOhxw1q8JG99vB18mj12IP%2FC8Lzn%2BHUc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8698b02b3a5e2a04-CDG
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 18:22:42 GMT
location: https://www1.btc747.xyz/submit.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4SEKNts5Ibb3pOWuAnlwsmLJiRpicdm0huUvf9OiHcz%2FLwNf9loPYUITc69CPeQ1r5SWvImsFTNCO0jWbSA8CGSK6%2BDmh8n4aUwETL619muMA8BQGP0K%2Ben65r2mS%2Fdz6FDjI0oqqShwHGE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 54ms
30ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://link.uhc.fr.nf
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 146376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BDvUYsXW25sYciD0JFVIQepomHnTzbnHlAbethVMHLfCnETqEjAbB6P4Ly20giwFtzP4En%2BmKXRLG9va7SnhvTmJ5gSqkDR2JrbQsI6pyDcta7rD0agoDz1iqdmrrIKJGW1Oep%2F4cakJsOQ%2B69o3TmWX"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8698b02afca600d4-CDG
expires: Fri, 14 Mar 2025 18:22:42 GMT

GET
H2 200 EF0808.png
imgcdn1.jdi5.com/img/ 133 B
511 B 41ms
32ms Image
image/png 2606:4700:3030::6815:b3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcdn1.jdi5.com/img/EF0808.png
Requested by: Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:b3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1118291
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400
content-length: 133
last-modified: Mon, 11 Mar 2024 19:44:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WleIb7tI71XNHtm2Bl6yIyRdc32HZPsWuRpuUHbkxcT1FH72IUiWFwXAhNY7kF2FSk5xAtd323T04svaVPfPlf8uoPKkUzkP0rABecNVDkJGtHpXoHz2xWyGuB8okHjmK1TpB92ZkU3Dtis44YBO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8698b02b2ec46ee4-CDG
expires: Tue, 11 Mar 2025 19:44:31 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 37ms
36ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2134009706&t=pageview&_s=1&dl=https%3A%2F%2Flink.uhc.fr.nf%2F&ul=en-us&de=UTF-8&dt=link.uhc.fr.nf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=596397408&gjid=687624424&cid=714948470.1711304562&tid=UA-46789381-10&_gid=1624083910.1711304562&_r=1&_slc=1&z=1517818206

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

549f8289905f59c82a3d55643d6f2868f3589a4ff2b067ad9f8c830daff502cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://link.uhc.fr.nf/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link.uhc.fr.nf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-60&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11c91ace83e71ab94baad8cfe9ecda80f4249df8aa7361edce0455fa7bc32b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68684
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Mar 2024 18:22:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 77ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je43k0v867598820za200&_p=1711304562363&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=714948470.1711304562&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711304562&sct=1&seg=0&dl=https%3A%2F%2Flink.uhc.fr.nf%2F&dt=link.uhc.fr.nf&en=page_view&_fv=1&_ss=1&_ee=1&tfd=807
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link.uhc.fr.nf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 80ms
27ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46789381-10&cid=714948470.1711304562&jid=596397408&gjid=687624424&_gid=1624083910.1711304562&_u=IEBAAEAAAAAAACAAI~&z=1215738501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://link.uhc.fr.nf/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 24 Mar 2024 18:22:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link.uhc.fr.nf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
100 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee9b7a645251dfb78db9a580492090b4bd602eeccbb2f3f32ccd4d97add8d60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101779
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Mar 2024 18:22:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 72ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je43k0v867598820za200&_p=1711304562363&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=714948470.1711304562&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1711304562&sct=1&seg=0&dl=https%3A%2F%2Flink.uhc.fr.nf%2F&dt=link.uhc.fr.nf&en=link.uhc.fr.nf&_ee=1&ep.event_category=link.uhc.fr.nf&ep.event_label=link.uhc.fr.nf&_et=1&tfd=812
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link.uhc.fr.nf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
37ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2134009706&t=pageview&_s=1&dl=https%3A%2F%2Flink.uhc.fr.nf%2F&ul=en-us&de=UTF-8&dt=link.uhc.fr.nf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1469300613&gjid=404139756&cid=714948470.1711304562&tid=UA-46789381-60&_gid=1624083910.1711304562&_r=1&gtm=457e43k0z8867598820za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=2000809418

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://link.uhc.fr.nf/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link.uhc.fr.nf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
30ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2134009706&t=event&_s=2&dl=https%3A%2F%2Flink.uhc.fr.nf%2F&ul=en-us&de=UTF-8&dt=link.uhc.fr.nf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=link.uhc.fr.nf&ea=link.uhc.fr.nf&el=link.uhc.fr.nf&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=714948470.1711304562&tid=UA-46789381-60&_gid=1624083910.1711304562&gtm=457e43k0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&cg1=link.uhc.fr.nf&npa=1&z=6734099

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 07:52:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 33ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HYY21FHH92&gtm=45je43k0v9128476500za200&_p=1711304562363&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=714948470.1711304562&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Flink.uhc.fr.nf%2F&dt=link.uhc.fr.nf&sid=1711304562&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=899
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link.uhc.fr.nf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 27ms
26ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HYY21FHH92&cid=714948470.1711304562&gtm=45je43k0v9128476500za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link.uhc.fr.nf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 123ms
56ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HYY21FHH92&cid=714948470.1711304562&gtm=45je43k0v9128476500za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&z=34765823

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 127ms
60ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46789381-10&cid=714948470.1711304562&jid=596397408&_u=IEBAAEAAAAAAACAAI~&z=1865446431

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 119ms
55ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46789381-10&cid=714948470.1711304562&jid=596397408&_u=IEBAAEAAAAAAACAAI~&z=1865446431

Requested by

Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://link.uhc.fr.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 18:22:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www1.btc747.xyz/ Frame A369 388 B
558 B 43ms
43ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/
Requested by: Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c3113877222cc83f76221d4f7cd05d6e48ebe7b41a8e07f727a1d5e925afa6b3

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www1.btc747.xyz
Referer: https://www1.btc747.xyz/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8698b02da8f72a79-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 18:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQcOAG%2BXuA7E0UNMCFy4nU%2B42wW%2FQdc8TarJVjaLi7VhIP6smFx3hj2kOLTzG72RIXBR10qXZNlHtlXOC3O9a1Z2NSoRp18LuGViTf6tMVi5iZeaxlX1L5k3ih4A16CZq2KauJ0woPo1R%2FXuZmc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H3 200 joe-biden-met-with-wes-edens-and-doc.html Show response
www1.btc747.xyz/2024/03/ Frame A369 4 KB
2 KB 43ms
43ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Requested by: Host: link.uhc.fr.nf
URL: https://link.uhc.fr.nf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 20cb585371c2cc6379beec5badae09e709e714f446db521107f45c1d2b61f1ca

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www1.btc747.xyz
Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8698b02dfa86014f-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 18:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLCOB22SsRosQecMJ2K0sw2QKAArJphPT9f%2BGDoYWl84zxonmkrCNi%2BUuyi9%2B3FWcB2o%2F0DxytEQuNVDkvGks4Ewpi%2BAY0YEle3giMerBLloMqfsAorr3Nmt%2BKVPANH4%2BlSuOpMxKzHhwlcFDPE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A369 196 KB
71 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cb70dc7c45adf4f56a8c6d6665667b551969d3a89f40a16b1668d7145452f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72831
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Mar 2024 18:22:42 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js Show response
nwwais.com/pw/ Frame A369 66 KB
25 KB 91ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d47abc16c25a872cdb6e2494db0b9a8f4ce5edaa585bc5f4e6eb704c6f3ca019

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Mar 2024 17:49:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: d52f59a7db87abd19a873a74591150b6
age: 2012
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaC9Zv5kcyeIwhiz1KTexthAeqvG1SWQZkA6vZWO1q1jrhIViZLybYYWVqU586Fj6RP3JfUc8svDJA2uFmdqHEsaF3AWwgEISbI5tJnmZQQVqgo9azGas9YYC%2FlT15KsHqxZxB1UuG7m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://aino.sbs
cache-control: max-age=14400
cf-ray: 8698b02eab976f84-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK asyncjs.php Show response
greenfox.ink/d/ Frame A369 4 KB
5 KB 89ms
26ms Script
text/javascript 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncjs.php
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 18:22:42 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Expire: Sun, 24 Mar 2024 19:22:42 GMT

GET
H2 200 submit.php Show response
1337x1.wb4.xyz/ Frame D0CD 1 KB
951 B 99ms
41ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/submit.php
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56

Request headers

Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8698b02eab9ed598-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 18:22:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cntonD3aE7azZ02%2FXq8ei%2F11itPABAXIq5MEZlKAC8SkRM2tt9X09Vn%2F5ThQQB1WEFfIIXaAOk%2BNu%2Fs3Sk%2FnYwea4bBiDTfGL7MBy54Ro7mC6zxP%2F4vFuL5amTnWHdcV2DWozyH7VkeMnw4DUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A369 240 KB
85 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e63db8de63b14e33363603338ff95a3fd148c3fb167263969d51c54fdcd6164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Mar 2024 18:22:43 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A369 52 KB
21 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Mar 2024 17:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Mar 2024 19:38:42 GMT

GET
BLOB 200
OK 6bdb4ece-e991-495a-9258-f4d829a1c254
https://www1.btc747.xyz/ Frame A369 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www1.btc747.xyz/6bdb4ece-e991-495a-9258-f4d829a1c254
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

POST
H2 200 / Show response
1337x1.wb4.xyz/ Frame D0CD 1 KB
840 B 41ms
41ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 006092c933ff4b473ce50704a96f9956324c12bf67b0c362e932506e94ec257e

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8698b02efbdbd598-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 18:22:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fYtGeKJHYq4EydzVqlUMhIizhHdaR09K5XMw%2BLZtUsDiOgZcgu4cHXXNZEKHhPV53aw%2BK9KC9TvVBQQUb5dkEBk1L1qmCunE%2BYhzJaTFXg1IhHYAArEdOEwH0l5I2w8dNgcP%2FZLiniH1vSBcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 wnload Show response
tdmrfw.com/ Frame A369 0
157 B 88ms
29ms Fetch
application/javascript 2a02:b4a:1:7::9273:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJhaW5vLnNicyIsImxpIjoyfQ==&tz=1&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyNC8wMy9qb2UtYmlkZW4tbWV0LXdpdGgtd2VzLWVkZW5zLWFuZC1kb2MuaHRtbA==&inc=0
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9273:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Mar 2024 18:22:43 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 admc
wivyiz.com/ Frame A369 0
0 87ms
27ms Fetch 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=03371f26a11ad10db7f2a96c81045726&f=8&tz=1
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://www1.btc747.xyz
date: Sun, 24 Mar 2024 18:22:43 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

POST
H3 200 nehari-recipe.html Show response
1337x1.wb4.xyz/2019/05/ Frame D0CD 3 KB
2 KB 51ms
51ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/03/joe-biden-met-with-wes-edens-and-doc.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e4d01ebe4df425bffcb612268fcc70b3cb8ecc1bc7bf3097669a818c739d0401

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8698b02f4ffa3ce7-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 18:22:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjSgUwYyAdjQb68azC6K8BHA5v9chDH6qqAKcSPvepuDeD3YTmJ8KsKURMz%2B9fHDwoTTGQ3lfwOUepVMEQFR3EzX35Zbc1RMoacOAqTgda8Ml9PtYzvZgozseIkRxL0vz1mDE5DeIO2ch%2F3kyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A369 0
0 142ms
74ms Fetch
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51036
x-xss-protection: 0
server: cafe
etag: 9264833250828055067
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 24 Mar 2024 18:22:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame D0CD 196 KB
71 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Requested by

Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03422cce4aa073003846c68a6f4548de16ab9dda1561cde99b07c67e7c989c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72887
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Mar 2024 18:22:43 GMT

GET
H3 200 script.js Show response
1337x1.wb4.xyz/ Frame D0CD 90 KB
27 KB 31ms
31ms Script
application/javascript 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/script.js?t=202422418
Requested by: Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 24 Mar 2024 16:57:11 GMT
server: cloudflare
age: 5132
x-powered-by: PHP/7.4.33
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJr8T2rxzobGFD9dbnO7JAtvjAhjWdFQvru7O99y7%2FnWhwJqnqWIiQgjkqzIPbcKVnEeRyVgu89OKsPYzfXg88L54Ho1ZLaUgj7eW0D3JR8z4tR%2FRqHNO0jPj6Su2KdcF6vBjd4Pykktnk7Sgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8698b02fa8453ce7-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame D0CD 240 KB
85 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5c5759b58eb5ba296d87e33179638c29a7bac5f08b8f72435a83f1661c1431a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Mar 2024 18:22:43 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D0CD 52 KB
21 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Mar 2024 17:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Mar 2024 19:38:42 GMT

GET
H2 200 abs
ptxhzp.com/ Frame A369 0
0 87ms
26ms Fetch 2a02:b4a:1:7::9274:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ptxhzp.com/abs?f=8&wid=465053&di=nwwais.com&dl=tdmrfw.com&d=www1.btc747.xyz&lok=1&abf=0
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Mar 2024 18:22:43 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H/1.1 200
OK asyncspc.php Show response
greenfox.ink/d/ Frame A369 6 KB
3 KB 26ms
26ms XHR
application/json 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncspc.php?zones=6%7C7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Caino.sbs&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F03%2Fjoe-biden-met-with-wes-edens-and-doc.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F
Requested by: Host: greenfox.ink
URL: https://greenfox.ink/d/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 7737c235304fa8a32d6a2edfa6a61b54b4d50de48a68553e786f9f3c277bcf06

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Mar 2024 18:22:43 GMT
Content-Encoding: gzip
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://www1.btc747.xyz
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2

200

500x200_ipl_2024_22_march.jpg
amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/Batery/ Frame A369
Redirect Chain

https://revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.absole-cate...
https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg

46 KB
46 KB

94ms
29ms

Image
image/jpeg

50.7.24.35
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
Protocol: H2
Server: 50.7.24.35 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: 49223161e0b9a2832de2e5841ff7219ecbd3f1947c2da8f3377967e880c01b08

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
last-modified: Sun, 24 Mar 2024 14:06:40 GMT
server: nginx
etag: "66003370-b823"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
content-length: 47139

Redirect headers

date: Sun, 24 Mar 2024 18:22:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B97U6CJcTWC%2BcpcPsEHVLDOPtEU2MfP12UNPEsK%2FxYxmAyPWK9bp152qPikmhNfXfqPXxUuY%2B4S1XgIB0yU4FKX8AtZUaxAD9PG8vym0KpZp3vRjfGCQJ4n4AbA6cx8bp3bQD%2FzQL9TMH%2BDDKGgE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
cf-ray: 8698b0311e8c6f82-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 pixel.gif
px.greenfox.ink/ Frame A369 42 B
606 B 157ms
99ms Image
image/gif 2606:4700:3035::ac43:be41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&event_type=1&rand=bbb608510f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:be41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jE9TlxautajVRSwTH4DG6zImzSh0fbD6FNwMMqw2kS92bgnZ0XX%2Bo0wSWMPKjhc0eVQZdLBcFhNc%2BThTCxT%2FnfDuYC5k%2Bxj5ZipQLfXx5EIW8Rpyvhty%2F0nLAC%2B7J%2F%2BhQ4LnQtRotkujpZNuf9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8698b03118d1022f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 42

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ Frame A369 43 B
523 B 30ms
30ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F03%2Fjoe-biden-met-with-wes-edens-and-doc.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=bbb608510f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Mar 2024 18:22:43 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ Frame A369 43 B
523 B 59ms
28ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F03%2Fjoe-biden-met-with-wes-edens-and-doc.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=bcf86e47dc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Mar 2024 18:22:43 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ Frame A369 43 B
523 B 81ms
29ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=45&campaignid=14&zoneid=10&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F03%2Fjoe-biden-met-with-wes-edens-and-doc.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=e4378d2cff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Mar 2024 18:22:43 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK w.js Show response
jswww.net/ Frame D0CD 16 KB
16 KB 207ms
150ms Script
text/javascript 109.206.168.17
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=726385&t=2068&sid=1337x1.wb4.xyz&r=0.10053704108915662
Requested by: Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/script.js?t=202422418
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.17 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.168.17.serverel.net
Software: binder-v5.11.2 /
Resource Hash: 42b78ed51a2a88eb07997118c198eca30f9a2a04de256e606a1f8deae1cf5e1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:43 GMT
x-response-code: 20200
server: binder-v5.11.2
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-headers: *
content-length: 15872

GET
H2

200

e7ZHVOgntf01GID9yToqvMxHtBXfZheXA62C8OPfqbBMYcGPCcu86ulm4j8G3Q1-0Iw1S-WwHQLStH6B9pwIiRmKxu52GdSgeTNtQAK_q4aN0YVbF4SgrDjinO43wrsCSf7hf3JzDj_RsTAovFWGoPml6rAGCEYpi63W2Sj4n6EcQJ9mGU4qTM-g5kTnWck=
img.cdn.house/i/1/ Frame 8EB3
Redirect Chain

https://imcod.net/b2/l/i/icon?asid=3288688236pQcnNbeq&cid=1&did=ZkdkY3o&eid=10592&n=bcab2c5b58c0cbae4def4d14&nid=1&sid=CUMWNbWwAQ1dQi%2FMPG59G%2BuGX5DxSCKfzdNNYaC5Zp7AIAiGtsAK902dfka3%2BmcM5VB8R5oM...
https://img.cdn.house/i/1/e7ZHVOgntf01GID9yToqvMxHtBXfZheXA62C8OPfqbBMYcGPCcu86ulm4j8G3Q1-0Iw1S-WwHQLStH6B9pwIiRmKxu52GdSgeTNtQAK_q4aN0YVbF4SgrDjinO43wrsCSf7hf3JzDj_RsTAovFWGoPml6rAGCEYpi63W2Sj4n6E...

3 KB
3 KB

107ms
33ms

Image
image/webp

136.243.32.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdn.house/i/1/e7ZHVOgntf01GID9yToqvMxHtBXfZheXA62C8OPfqbBMYcGPCcu86ulm4j8G3Q1-0Iw1S-WwHQLStH6B9pwIiRmKxu52GdSgeTNtQAK_q4aN0YVbF4SgrDjinO43wrsCSf7hf3JzDj_RsTAovFWGoPml6rAGCEYpi63W2Sj4n6EcQJ9mGU4qTM-g5kTnWck=
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 136.243.32.106 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: push-house-cdn-206.t.push.house
Software: nginx /
Resource Hash: 7df81347d74047f417a57172a07925490681b4677c25220933975db76c2b2e08

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:45 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Sun, 14 Jan 2024 09:16:55 GMT
server: nginx
accept-ranges: bytes
content-length: 3224
content-type: image/webp

Redirect headers

location: https://img.cdn.house/i/1/e7ZHVOgntf01GID9yToqvMxHtBXfZheXA62C8OPfqbBMYcGPCcu86ulm4j8G3Q1-0Iw1S-WwHQLStH6B9pwIiRmKxu52GdSgeTNtQAK_q4aN0YVbF4SgrDjinO43wrsCSf7hf3JzDj_RsTAovFWGoPml6rAGCEYpi63W2Sj4n6EcQJ9mGU4qTM-g5kTnWck=
date: Sun, 24 Mar 2024 18:22:44 GMT
referrer-policy: no-referrer, no-referrer
server: dspclick-v3.12.3
content-length: 0

GET
H2

200

RQ0KxWvcNABMfBHrTPNiQ9B8RyJ0ZnEZFhZRAyDznuUlBGiroXh8yvizhw7i8PqYw8tl8yy1Czv9YaBJeKBfaaxVzEpCeC8UpToUuWcAayM63iojLeIFCXDND8nhmKZPyucZm4KU4GZNAVQCcFd9jogVWG0aykudvUuPRQF_aQYw3zPQULOa3HR7qvaRbmY=
img.cdn.house/i/1/ Frame 8EB3
Redirect Chain

https://imcod.net/b2/l/i/icon?asid=3288688236eBytDkMq&cid=1&did=fE1tRHM&eid=10592&n=b43ee62f8b15fa33f4ddf60c&nid=1&sid=teqc2gxj23xLhX61Bspj3Yt%2B3KW7Rga51yiMkIREDTx5qb62DgDkQtypIQ5gC566lSsLYS4JAAxk...
https://img.cdn.house/i/1/RQ0KxWvcNABMfBHrTPNiQ9B8RyJ0ZnEZFhZRAyDznuUlBGiroXh8yvizhw7i8PqYw8tl8yy1Czv9YaBJeKBfaaxVzEpCeC8UpToUuWcAayM63iojLeIFCXDND8nhmKZPyucZm4KU4GZNAVQCcFd9jogVWG0aykudvUuPRQF_aQY...

3 KB
4 KB

107ms
32ms

Image
image/webp

136.243.32.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdn.house/i/1/RQ0KxWvcNABMfBHrTPNiQ9B8RyJ0ZnEZFhZRAyDznuUlBGiroXh8yvizhw7i8PqYw8tl8yy1Czv9YaBJeKBfaaxVzEpCeC8UpToUuWcAayM63iojLeIFCXDND8nhmKZPyucZm4KU4GZNAVQCcFd9jogVWG0aykudvUuPRQF_aQYw3zPQULOa3HR7qvaRbmY=
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 136.243.32.106 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: push-house-cdn-206.t.push.house
Software: nginx /
Resource Hash: 77f2353fc45a425580c0d78f00eab8a1a81c7264d99804ff6ebd8adfb0a6430a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 18:22:45 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Sun, 14 Jan 2024 09:16:55 GMT
server: nginx
accept-ranges: bytes
content-length: 3480
content-type: image/webp

Redirect headers

location: https://img.cdn.house/i/1/RQ0KxWvcNABMfBHrTPNiQ9B8RyJ0ZnEZFhZRAyDznuUlBGiroXh8yvizhw7i8PqYw8tl8yy1Czv9YaBJeKBfaaxVzEpCeC8UpToUuWcAayM63iojLeIFCXDND8nhmKZPyucZm4KU4GZNAVQCcFd9jogVWG0aykudvUuPRQF_aQYw3zPQULOa3HR7qvaRbmY=
date: Sun, 24 Mar 2024 18:22:44 GMT
referrer-policy: no-referrer, no-referrer
server: dspclick-v3.12.3
content-length: 0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.link.uhc.fr.nf/	1969-12-31 23:59:59	Name: link_uhc_fr_nf Value: usv9fg0vhl7r1pde6qofrsrql3
.fr.nf/	1970-01-20 19:23:10	Name: _gid Value: GA1.2.1624083910.1711304562
.fr.nf/	1970-01-20 19:21:44	Name: _gat Value: 1
.fr.nf/	1970-01-21 04:57:44	Name: _ga_P0LJR3FHEL Value: GS1.1.1711304562.1.0.1711304562.0.0.0
.fr.nf/	1970-01-21 04:57:44	Name: _ga Value: GA1.2.714948470.1711304562
.fr.nf/	1970-01-20 19:21:44	Name: _gat_gtag_UA_46789381_60 Value: 1
.fr.nf/	1970-01-21 04:57:44	Name: _ga_HYY21FHH92 Value: GS1.2.1711304562.1.0.1711304562.60.0.0
greenfox.ink/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CFR%7CEU%7C1%7C%7C%7C48.8582%7C2.3387%7C500%7CEurope%2FParis%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
greenfox.ink/	1970-01-21 04:07:20	Name: OAID Value: 5b0dedf71b96c7880dd11dfbf5a1a732
.px.greenfox.ink/	1970-01-21 04:07:20	Name: unq-user-id Value: aaaaaaaaaa

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://link.uhc.fr.nf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1337x1.wb4.xyz
ajax.googleapis.com
amd-cdn-1.absole-catenaliggette-i-282.site
cdnjs.cloudflare.com
counter.jdi5.com
fastcdn.jdi5.com
greenfox.ink
imcod.net
img.cdn.house
imgcdn1.jdi5.com
jswww.net
link.uhc.fr.nf
maxcdn.bootstrapcdn.com
nwwais.com
pagead2.googlesyndication.com
ptxhzp.com
px.greenfox.ink
region1.analytics.google.com
region1.google-analytics.com
revive.stats.rip
stats.g.doubleclick.net
tdmrfw.com
tinyfast.xyz
wivyiz.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.link.uhc.fr.nf
www1.btc747.xyz
109.206.162.121
109.206.168.17
136.243.32.106
2001:4860:4802:32::36
2606:4700:3030::6815:251b
2606:4700:3030::6815:b3d
2606:4700:3033::6815:5e4b
2606:4700:3035::ac43:8726
2606:4700:3035::ac43:be41
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a02:b4a:1:7::5647:1
2a02:b4a:1:7::9273:1
2a02:b4a:1:7::9274:1
2a06:98c1:3120::3
2a06:98c1:3121::3
45.87.41.89
5.45.74.150
50.7.24.35
006092c933ff4b473ce50704a96f9956324c12bf67b0c362e932506e94ec257e
024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a
03422cce4aa073003846c68a6f4548de16ab9dda1561cde99b07c67e7c989c8a
08b44ec0129ac544b69db7dd0f064261099dbfdf4f46925d0c2e4ec57997c49b
11c91ace83e71ab94baad8cfe9ecda80f4249df8aa7361edce0455fa7bc32b0d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20cb585371c2cc6379beec5badae09e709e714f446db521107f45c1d2b61f1ca
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
3e63db8de63b14e33363603338ff95a3fd148c3fb167263969d51c54fdcd6164
3f66bdcd6040eabbf557be6bdf019ed229ca76b8d4320eb10f4a6d88a0aa8f3a
42b78ed51a2a88eb07997118c198eca30f9a2a04de256e606a1f8deae1cf5e1a
49223161e0b9a2832de2e5841ff7219ecbd3f1947c2da8f3377967e880c01b08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51c6a5046513f0ee347242b4ceefaf3170927af9ee6e691768a2aa281da3982f
5204b2513f54f975e4446c5a4228ed8393dcbb5e509f473e85277d11fb9ccd44
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
549f8289905f59c82a3d55643d6f2868f3589a4ff2b067ad9f8c830daff502cb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
74e97309e0e48fab9313ec0892d90ed8c9aa859d25e131f186e49d66e016690e
7737c235304fa8a32d6a2edfa6a61b54b4d50de48a68553e786f9f3c277bcf06
77f2353fc45a425580c0d78f00eab8a1a81c7264d99804ff6ebd8adfb0a6430a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cb70dc7c45adf4f56a8c6d6665667b551969d3a89f40a16b1668d7145452f33
7df81347d74047f417a57172a07925490681b4677c25220933975db76c2b2e08
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1
99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
b5c5759b58eb5ba296d87e33179638c29a7bac5f08b8f72435a83f1661c1431a
b6bf10e51c920ae454dd55098ef0e7e2d56812fe93dfbbf77f1d6c2f07a80519
bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1
c3113877222cc83f76221d4f7cd05d6e48ebe7b41a8e07f727a1d5e925afa6b3
d47abc16c25a872cdb6e2494db0b9a8f4ce5edaa585bc5f4e6eb704c6f3ca019
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d01ebe4df425bffcb612268fcc70b3cb8ecc1bc7bf3097669a818c739d0401
ee9b7a645251dfb78db9a580492090b4bd602eeccbb2f3f32ccd4d97add8d60d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

link.uhc.fr.nf Open in urlscan Pro 45.87.41.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

91 %HTTPS

77 %IPv6

24 Domains

30 Subdomains

24 IPs

4 Countries

960 kBTransfer

2432 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

link.uhc.fr.nf Open in urlscan Pro
45.87.41.89 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

91 %
HTTPS

77 %
IPv6

24
Domains

30
Subdomains

24
IPs

4
Countries

960 kB
Transfer

2432 kB
Size

10
Cookies

55 HTTP transactions
-1 data transactions