r.brstej.com Open in urlscan Pro
2606:4700:20::681a:68d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.brstej.com/
Effective URL:
https://r.brstej.com/index.php?t=a73d866e01
Submission: On January 17 via api (January 17th 2021, 5:51:06 pm UTC) from TW

Summary HTTP 99 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 27 domains to perform 99 HTTP transactions. The main IP is 2606:4700:20::681a:68d, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.brstej.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.

This is the only time r.brstej.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 26	2606:4700:20:... 2606:4700:20::681a:68d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
17	2606:4700:10:... 2606:4700:10::ac43:17e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.197.9 139.45.197.9	9002 (RETN-AS) (RETN-AS)
1	172.255.6.144 172.255.6.144	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	99.86.7.129 99.86.7.129	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
5	87.245.235.35 87.245.235.35	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.7.23 99.86.7.23	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.195.92 139.45.195.92	9002 (RETN-AS) (RETN-AS)
2	139.45.196.197 139.45.196.197	9002 (RETN-AS) (RETN-AS)
5	139.45.196.41 139.45.196.41	9002 (RETN-AS) (RETN-AS)
1	139.45.195.106 139.45.195.106	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::681a:97b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	139.45.195.176 139.45.195.176	9002 (RETN-AS) (RETN-AS)
99	31

26 2606:4700:20::681a:68d (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

www.brstej.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.brstej.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.brstej.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::ac43:17e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.9 (Ascension Island)

ASN9002 (RETN-AS, GB)

graizoah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.144 (Netherlands)

ASN7979 (SERVERS-COM, US)

sitefeytout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-129.fra6.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 87.245.235.35 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-23.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.92 (Ascension Island)

ASN9002 (RETN-AS, GB)

abdurantom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.197 (Ascension Island)

ASN9002 (RETN-AS, GB)

pushagim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.41 (Ascension Island)

ASN9002 (RETN-AS, GB)

cdn.itphanpytor.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.106 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.176 (Ascension Island)

ASN9002 (RETN-AS, GB)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	brstej.com 5 redirects www.brstej.com r.brstej.com m.brstej.com	189 KB
17	statically.io cdn.statically.io	1 MB
8	demand.supply live.demand.supply	26 KB
6	google.com www.google.com	35 KB
5	itphanpytor.club cdn.itphanpytor.club	123 KB
5	in-page-push.com in-page-push.com	31 KB
4	littlecdn.com littlecdn.com	20 KB
4	graizoah.com graizoah.com	22 KB
2	onstunkyr.com onstunkyr.com	964 B
2	wowreality.info o.wowreality.info	399 B
2	pushagim.com pushagim.com	33 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
2	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	97 KB
2	jquery.com code.jquery.com	34 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com netdna.bootstrapcdn.com	27 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	11 KB
2	fontawesome.com use.fontawesome.com	87 KB
1	lalaping.com static.lalaping.com	33 KB
1	rtmark.net my.rtmark.net	770 B
1	abdurantom.com abdurantom.com	1 KB
1	google.de www.google.de	107 B
1	googleapis.com fonts.googleapis.com	999 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	googletagservices.com www.googletagservices.com	18 KB
1	googlesyndication.com pagead2.googlesyndication.com	47 KB
1	sitefeytout.com sitefeytout.com	1016 B
99	27

	Domain	Requested by
23	r.brstej.com	2 redirects r.brstej.com ajax.cloudflare.com
17	cdn.statically.io	r.brstej.com
8	live.demand.supply	r.brstej.com live.demand.supply
6	www.google.com
5	cdn.itphanpytor.club	in-page-push.com cdn.itphanpytor.club
5	in-page-push.com	r.brstej.com in-page-push.com
4	littlecdn.com	in-page-push.com
4	graizoah.com	r.brstej.com graizoah.com
2	onstunkyr.com
2	o.wowreality.info	static.lalaping.com
2	pushagim.com	in-page-push.com pushagim.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	code.jquery.com	ajax.cloudflare.com
2	m.brstej.com	2 redirects
2	use.fontawesome.com	r.brstej.com use.fontawesome.com
1	static.lalaping.com	cdn.itphanpytor.club
1	my.rtmark.net	pushagim.com
1	abdurantom.com	in-page-push.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	certify.alexametrics.com
1	netdna.bootstrapcdn.com	r.brstej.com
1	fonts.googleapis.com	r.brstej.com
1	certify-js.alexametrics.com	r.brstej.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	cdnjs.cloudflare.com	ajax.cloudflare.com
1	maxcdn.bootstrapcdn.com	ajax.cloudflare.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	www.googletagservices.com	live.demand.supply
1	pagead2.googlesyndication.com	live.demand.supply
1	ajax.cloudflare.com	r.brstej.com
1	sitefeytout.com	r.brstej.com
1	www.brstej.com	1 redirects
99	33

This site contains links to these domains. Also see Links.

Domain
kooora4us.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-22` - `2021-07-22`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2020-05-22` - `2021-05-22`	a year	crt.sh
graizoah.com R3	`2020-12-11` - `2021-03-11`	3 months	crt.sh
sitefeytout.com R3	`2020-12-22` - `2021-03-22`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
in-page-push.com Let's Encrypt Authority X3	`2020-11-23` - `2021-02-21`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
abdurantom.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-17` - `2021-03-18`	a year	crt.sh
pushagim.com R3	`2020-12-22` - `2021-03-22`	3 months	crt.sh
itphanpytor.club R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
o.wowreality.info Let's Encrypt Authority X3	`2020-11-13` - `2021-02-11`	3 months	crt.sh
onstunkyr.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://r.brstej.com/index.php?t=a73d866e01
Frame ID: D0F4E6F166E5AF152EAF37D1263BA816
Requests: 92 HTTP requests in this frame

Frame: https://graizoah.com/fac.php
Frame ID: 0A0E36A8C5FB2DAC679C8662747EA781
Requests: 1 HTTP requests in this frame

Frame: https://littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/0805408441928.png
Frame ID: B2169D1905A7843C8D06ABE50FF7CAC7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.brstej.com/ HTTP 301
https://r.brstej.com/ HTTP 302
https://r.brstej.com/index.html HTTP 302
https://r.brstej.com/index.php?t=a73d866e01 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

99
Requests

100 %
HTTPS

57 %
IPv6

27
Domains

33
Subdomains

31
IPs

6
Countries

1954 kB
Transfer

3694 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://kooora4us.com/yalla-shoot/
Title: يلا شوت – yalla shoot

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.brstej.com/ HTTP 301
https://r.brstej.com/ HTTP 302
https://r.brstej.com/index.html HTTP 302
https://r.brstej.com/index.php?t=a73d866e01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://m.brstej.com/2666.jpg HTTP 301
https://r.brstej.com/2666.jpg

Request Chain 43

https://m.brstej.com/morez.png HTTP 301
https://r.brstej.com/morez.png

99 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
r.brstej.com/
Redirect Chain

https://www.brstej.com/
https://r.brstej.com/
https://r.brstej.com/index.html
https://r.brstej.com/index.php?t=a73d866e01

551 KB
74 KB

57ms
56ms

Document
text/html

2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0007b581f224d0ccdc368cbb9d51450b2f7657fd47654c703b079dd616579958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: r.brstej.com
:scheme: https
:path: /index.php?t=a73d866e01
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dc327e1ce028371e5ed3a985e65f67a4c1610905841
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: PHPSESSID=34f58cf378d97f53498e29ae0fbfc37c; path=/
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Magictor.com
cf-cache-status: DYNAMIC
cf-request-id: 07b311887f000005e4db8de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ptS%2FToRpCSTvw4A724gDl3AU8JyvR3fWAlw1tGm%2F%2BEbKLAq7b7ezIKliwcJ5%2Fh7WNoWgPpnyrBAc3pdyEbTD4zvvVhz2MgucI1HW%2BsLSbNqEidLVf1T9prE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6131eb873d1205e4-FRA
content-encoding: br

Redirect headers

date: Sun, 17 Jan 2021 17:50:41 GMT
content-type: text/html; charset=UTF-8
location: index.php?t=a73d866e01
cache-control: max-age=2592000
expires: Mon, 15 Feb 2021 22:48:05 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Magictor.com
cf-cache-status: DYNAMIC
cf-request-id: 07b311885c000005e4b8278000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fjebR%2BQCYO1NPkSqacKiiyEsIKsoD6Rq5%2Bi7n%2F2OyWFykqHFLsfsVPH2OnESBnNvA%2BXhAkHdmD12jvBSRalLk09rgNQjgL2Xac%2FpfH8Jija6UTlyXKG0vBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6131eb86fc2a05e4-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.2/css/ 54 KB
14 KB 143ms
43ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by: Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Origin: https://r.brstej.com
Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
last-modified: Tue, 07 May 2019 16:50:11 GMT
server: NetDNA-cache/2.2
etag: W/"77cbad34e5ce95e70847b074e05faeab"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 2.png
r.brstej.com/ 5 KB
6 KB 16ms
15ms Image
image/webp 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/2.png

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba9515e3bb22fa3c9c822bd21dc49415290eb968b1995ddf09c5716c37d86f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 161224
cf-polished: origFmt=png, origSize=7680
x-server-powered-by: Magictor.com
content-disposition: inline; filename="2.webp"
content-length: 5380
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tYDgn%2Fh6MOi15M7UwvsVYqWfjo8Olr3ocHdBqw0Er6pcZF8ioWxC15OvwLtMYaYNuBeGa8Xjhn%2BUa82SU1DdHjFYO4frR%2Fhp6FK6r0JrECL1a3KIH0zxBtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 16 Mar 2021 21:03:37 GMT
cache-control: max-age=5184000
cf-request-id: 07b31188c8000005e4e92db000000001
accept-ranges: bytes
cf-ray: 6131eb87aec005e4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 f6a7a1b4.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 47 KB
48 KB 57ms
32ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/f6a7a1b4.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecd695498482a304d077a4f408aef9fca43e6b9e31dc64d8f837ca23797f64e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 938823
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 48448
cf-request-id: 07b31188eb0000e00b629dd000000001
x-served-by: cache-fra19128-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlySMkRGAFZ7_bWRSh-2lJh4w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb87df1ce00b-FRA
link: <https://r.brstej.com/uploads/articles/f6a7a1b4.jpg>; rel="canonical"

GET
H2 200 acdae5b5.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 69 KB
69 KB 57ms
32ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/acdae5b5.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794375b4a5a964e264d685e5b9d1004b91cf3865311d74e17308b24cb4db1ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1205042
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 70672
cf-request-id: 07b31188eb0000e00bb2863000000001
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyncLjuHPZRbHd-QCLSdOsJQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb87df1ee00b-FRA
link: <https://r.brstej.com/uploads/articles/acdae5b5.jpg>; rel="canonical"

GET
H2 200 e40964a9.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 47 KB
48 KB 46ms
21ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/e40964a9.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5e17bb9b4eb72b5e7f67b00c9aeb07751e128efb1e00a7ffa40d600c955db6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1319193
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 48576
cf-request-id: 07b31188ec0000e00b45138000000001
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly5xljqjR2YggcNWDBQ71BCQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb87df20e00b-FRA
link: <https://r.brstej.com/uploads/articles/e40964a9.jpg>; rel="canonical"

GET
H2 200 2bdff54a.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 78 KB
78 KB 48ms
23ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/2bdff54a.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e815c87acc2288959ffb190cbacbf1b2bde1184b24c7dd8869411a303087b412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1634815
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 79724
cf-request-id: 07b31188ec0000e00b4badc000000001
x-served-by: cache-fra19169-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyLQTCu0K_4GenwfuxZrz4dQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb87df22e00b-FRA
link: <https://r.brstej.com/uploads/articles/2bdff54a.jpg>; rel="canonical"

GET
H2 200 a4287c86.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 68 KB
69 KB 56ms
31ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/a4287c86.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b7a1329b8da630e85a73f5b951dd83340a31c0d442e4e0875d1a9bd5bb4a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1645061
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 70074
cf-request-id: 07b31188ec0000e00bc59c1000000001
x-served-by: cache-fra19176-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlytfTiV1vRvqDKm3YfUr9jYQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb87df24e00b-FRA
link: <https://r.brstej.com/uploads/articles/a4287c86.jpg>; rel="canonical"

GET
H2 200 288d50a6.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 53 KB
53 KB 62ms
38ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/288d50a6.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91097a61df68840c4651234b5410577b5ba5b77174486e0e8a8eac31a3062da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1385971
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 54148
cf-request-id: 07b31188ed0000e00b432e7000000001
x-served-by: cache-fra19138-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlywhP_HwXqBZMo6IhLuEOM8A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb87df26e00b-FRA
link: <https://r.brstej.com/uploads/articles/288d50a6.jpg>; rel="canonical"

GET
H2 200 bb5937e78-1.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/thumbs/ 11 KB
11 KB 25ms
25ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/thumbs/bb5937e78-1.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1575340831e6fb7b0a52c8e57c5283b0c6398ce1276332034d1425969ccf618a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1229136
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 11444
cf-request-id: 07b31188f20000e00b8093e000000001
x-served-by: cache-fra19183-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyR0ucCn2Y9XidEoJTDF_nkw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb87ef45e00b-FRA
link: <https://r.brstej.com/uploads/thumbs/bb5937e78-1.jpg>; rel="canonical"

GET
H2

200

2666.jpg
r.brstej.com/
Redirect Chain

https://m.brstej.com/2666.jpg
https://r.brstej.com/2666.jpg

11 KB
12 KB

19ms
18ms

Image
image/webp

2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/2666.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fe3f15367d4983e9e2d0ab7de87e181936b7ff8a7e1e4a1cba8593fe113f7c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 166304
cf-polished: qual=85, origFmt=jpeg, origSize=18434
x-server-powered-by: Magictor.com
content-disposition: inline; filename="2666.webp"
content-length: 11616
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Rb5JFyXRvFiNV%2FokU3yLWRIKgV%2BWiS%2F6gAmQguo0MdSJObn5U8cEcnvzNL0wpP85me%2FuYNF58GO%2BDoNRBEv%2BMO2cNML4V04RiMykUtFy2tUK7vckLvvUT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 16 Mar 2021 19:38:57 GMT
cache-control: max-age=5184000
cf-request-id: 07b31188ee000005e4de893000000001
accept-ranges: bytes
cf-ray: 6131eb87ef9a05e4-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953254
x-server-powered-by: Magictor.com
cf-request-id: 07b31188df000005e4faa86000000001
x-nginx-upstream-cache-status: STALE
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l3ZPHgml853yJ4Zse%2Fe95SFzsktzm27NJdYdkorHmHBve8atKAH1nhLasvqqpy7LNrq6DrYQC0JjDNBQR0bFnyMCvkYaqViEeB%2F3K92wPrXXMRjQYu50f5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://r.brstej.com/2666.jpg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
cf-ray: 6131eb87cf3a05e4-FRA
expires: Sun, 07 Mar 2021 17:03:07 GMT

GET
H2 200 ajax.php
r.brstej.com/ 42 B
403 B 27ms
26ms Image
image/gif 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/ajax.php?p=stats&do=show&aid=5&at=1

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Magictor.com
cf-request-id: 07b31188d6000005e4e5b05000000001
x-nginx-upstream-cache-status: BYPASS
pragma: no-cache
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7QrgTzpR0S6tFZgc9aUYpF47uOlKUFU1FHg7Wb7Mj6g6l4pbuL8EHNOXnRX8bbmmocoNZuIiRJzw0PximaMTubLqkXrxC1oOwkyrsp%2B4NcpSI00a647F9oM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: must-revalidate
cf-ray: 6131eb87bf0a05e4-FRA
expires: Wed, 5 Feb 1986 06:06:06 GMT

GET
H2 200 ajax.php
r.brstej.com/ 42 B
328 B 38ms
38ms Image
image/gif 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/ajax.php?p=stats&do=show&aid=902&at=1

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Magictor.com
cf-request-id: 07b31188d6000005e4081a5000000001
x-nginx-upstream-cache-status: BYPASS
pragma: no-cache
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2F0c%2BIjAWNZQYFc%2FdRgXmlq1bhMoNHqIFxky3dwMT7oovVQ5wvCHaKKqLtYCvQ%2F8DH4S7AzH1lKw5CYiA4gePccWGJOj52xgmq%2Bx50942wNhnZ08dP4BAJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: must-revalidate
cf-ray: 6131eb87bf0f05e4-FRA
expires: Wed, 5 Feb 1986 06:06:06 GMT

GET
H2 200 ajax.php
r.brstej.com/ 42 B
363 B 45ms
44ms Image
image/gif 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/ajax.php?p=stats&do=show&aid=2&at=1

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Magictor.com
cf-request-id: 07b31188db000005e4d5230000000001
x-nginx-upstream-cache-status: BYPASS
pragma: no-cache
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VRiFOkqkB11VnxpC0gOin81n9uf5cHMJSmhDPtiNpdPw%2BQ67EMQQadVKoWxFpRue%2F9aVYw3ni7Ad%2BvE8NPx7vZmESrJxi6Evr3DB%2BjJgbxOp%2Fvrk9qwE59U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: must-revalidate
cf-ray: 6131eb87cf2b05e4-FRA
expires: Wed, 5 Feb 1986 06:06:06 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 84ms
67ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44fed47d58ccae0d0fe625418cd5a606f41cdaf17f3abca0e3e77c09dc640be2

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 3fa905df-86bf-4569-b1a0-b540724602d9-17068452
date: Sun, 17 Jan 2021 17:50:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 306
cf-polished: origSize=3897
cf-request-id: 07b31188f500002c42892c5000000001
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"d2b7f8e3dbd33efcaa491fa12c8b63e2-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 6131eb87ec972c42-FRA
link: </impl.v12.0.0.js>; rel=preload; as=script,</p2/v12-0-0?url=r.brstej.com%2Findex.php%3Ft%3Da73d866e01>; rel=preload; as=script
cf-h2-pushed: </impl.v12.0.0.js>,</p2/v12-0-0?url=r.brstej.com%2Findex.php%3Ft%3Da73d866e01>

GET
H/1.1 200
OK apu.php Show response
graizoah.com/ 60 KB
22 KB 240ms
72ms Script
application/javascript 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://graizoah.com/apu.php?zoneid=2617099

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9f0a455542f18b843664a53534383c337faf7e97e956295e07cacb2f74d75dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 17:50:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: cf7055eb58cd927a46357e4a61036a41
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 25991 Show response
sitefeytout.com/fNjKEPT3GAkcN/ 0
1016 B 234ms
52ms Script
text/html 172.255.6.144
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sitefeytout.com/fNjKEPT3GAkcN/25991
Requested by: Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 172.255.6.144 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 17:50:42 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 31ms
12ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 07b31189170000dfc3c9aed000000001
last-modified: Wed, 13 Jan 2021 10:12:06 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5ffec776-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jPfhLhGwivw5rjygEFRmPf0w577Mw%2FwnlcX9htEFJbHp%2BNz3q%2F064YEJIZH8XOrxDjt4AGztm5vwjyHyAF%2B7WIm9XpXvFv4BTyqZ%2FnWnKnRejFWEfxXYVGkNAaqZRnST"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6131eb882c50dfc3-FRA
expires: Tue, 19 Jan 2021 17:50:41 GMT

GET
H2 200 impl.v12.0.0.js Show response
live.demand.supply/ 74 KB
22 KB 24ms
0ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v12.0.0.js
Requested by: Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5183f1d32296f0ecb7e79bf5c3e8fcb8ccfa71152e26a961d8ed15573f2727

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 62bcfb3b-5d07-4d7d-abb6-07b61656d154-9028470
date: Sun, 17 Jan 2021 17:50:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 1950790
cf-polished: origSize=76121
cf-ray: 6131eb884dbe2c42-FRA
cf-request-id: 07b311893300002c42fcb7e000000001
cf-bgj: minify
server: cloudflare
etag: W/"59a0c7278705e13b48ba1efb99d6914c-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H2 200 v12-0-0 Show response
live.demand.supply/p2/ 156 B
243 B 26ms
0ms Script
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p2/v12-0-0?url=r.brstej.com%2Findex.php%3Ft%3Da73d866e01
Requested by: Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:41 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6131eb884dc12c42-FRA
cf-request-id: 07b311893300002c42c1199000000001

POST
H2 200 / Show response
live.demand.supply/e/e.js/ 3 B
103 B 33ms
18ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js/?e=ll&d=94&cs=c
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 6131eb88bd8de007-FRA
content-length: 3
cf-request-id: 07b31189720000e00707205000000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47568
x-xss-protection: 0
server: cafe
etag: 3101847616964972039
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 17 Jan 2021 17:50:42 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
18 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c66997daf4d313e329041df8e19c875a622b3733cb0b83d8cd38bc38185cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "757 / 49 of 1000 / last-modified: 1610752623"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18752
x-xss-protection: 0
expires: Sun, 17 Jan 2021 17:50:42 GMT

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
618 B 30ms
17ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 0ea355be-599d-4acc-a94f-87e7d9ec8165-13089274
date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 1950773
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6131eb88bd90e007-FRA
cf-request-id: 07b31189730000e007fe0ff000000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 52ms
26ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-123341585-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d77fe2c5655b81e55cf5a4a3a5706a59b7acb2b05448027c55839e51ea5c772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38971
x-xss-protection: 0
last-modified: Sun, 17 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Jan 2021 17:50:42 GMT

GET
H2 200 jquery.cropit.js Show response
r.brstej.com/templates/echo/js/ 27 KB
7 KB 24ms
20ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/jquery.cropit.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b311896d000005e4e8944000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d5%2Fq0Tzbk%2FVWU1QzCGJjcwSqHdPnmjD2oNm7QHNxffBIHihEcp43VRoZDLyM86bxj5Qlp5J5d9qqs4Mm6HhIaydAwiVU4PKUq9gtTJxmovmesF2xPf%2FocQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa3f05e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 jquery.readmore.js Show response
r.brstej.com/templates/echo/js/ 3 KB
2 KB 19ms
16ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/jquery.readmore.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e75fb4b26aa2ded1e757268828d3d759c05a85d92db75cd6b491f3f4cb6af769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
cf-polished: origSize=3422
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b311896d000005e4092fc000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IpDhFBfmBXiN9FqSPIHqO2NbmKbv4bD7%2Fbwy72wniae36l74itiGTPolgRHHoAKP8FgdExYB9PQ1gIgiCYaxf%2FoL%2BRpqgShyUd3JYL3AL%2B%2BnD%2FGYIGdaPhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa4005e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 jquery.plugins.b.js Show response
r.brstej.com/templates/echo/js/ 9 KB
4 KB 18ms
15ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/jquery.plugins.b.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea6b351a675e3bc0e648d6d41bafd700a5944f6e54778fe6beac548210c241a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
cf-polished: origSize=9509
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b311896d000005e42593a000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YCn%2Fgp7miGw2hdGXcHZev0xn1u3GOKObYuJfyd6xiwONZRNkiiMP%2BeeZ302ypG%2Bb7lXvf8IdFdue7O3yaSyvuLFwU0v3vCHBmR24Xw%2BubuJNlgPleZMJ2%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa4105e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 jasny-bootstrap.min.js Show response
r.brstej.com/templates/echo/js/ 20 KB
5 KB 24ms
21ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/jasny-bootstrap.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
x-server-powered-by: Magictor.com
cf-request-id: 07b311896d000005e4b8995000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UHJbjX9GETO9xK63CWlrfDPYMsKVN9E6e5UKzfEaGGLZfPDCXfX8xTov%2BQAI6QWxS2W7c3YgBRi7BV1Czvo2%2B34ztRIGxgL0q%2FVm7aWqHiQ304Hmx1DgMVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa4305e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 melody.dev.js Show response
r.brstej.com/templates/echo/js/ 5 KB
2 KB 23ms
20ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/melody.dev.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c112a7633fcc9bf504030e0b6ac650aba21ed1198a5db17d74ddfd38ab3e248d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
cf-polished: origSize=7677
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b311896d000005e4bcbb8000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OqXb47x%2BJOn%2FWUFD73jmufGt5iJX%2BU2AQKkjdGHRqHt6Qciw3GsPbzLweV7QsgmlvD10gGWq2ZeVhriVlVx%2BW%2F6DPf0%2BmaURuLTee3pYxPjkFQoltB9wBUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa4505e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 melody.dev.js Show response
r.brstej.com/js/ 15 KB
4 KB 24ms
21ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/js/melody.dev.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

244926b75ad193faf7a694c602d5819576e2d953dc43849395dedfa841f5ea53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
cf-polished: origSize=23108
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b311896e000005e41cb40000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bbwzcX9POPBAfkviyBda96oqlKo3MMw3o3gvflfmvK2m1LI%2FIlu2gVRLLU2UBZ7H%2BdHhg6uoZkAjNrrkAbfkSQLs6d08q0InqQspPEvXXs4kt2H4jnNU1vA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa4705e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 bootstrap-notify.min.js Show response
r.brstej.com/js/ 8 KB
3 KB 21ms
19ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/js/bootstrap-notify.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
x-server-powered-by: Magictor.com
cf-request-id: 07b3118970000005e4d5248000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EJqC42Zm%2BlNjuFjQFbkU6q1wdSD9oqa1e41sZK9yP2VM2tJUzIOOxdbBhv34udtv%2BjqKkXIxDmi2dilH1jNDk1NDsEelb7SCV7kcR1Jj7FZTpib%2Fr3Mccis%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa4805e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 jquery.typewatch.js Show response
r.brstej.com/js/ 1 KB
908 B 22ms
19ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/js/jquery.typewatch.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04fd6ef5911c31cc109fa5cc24010a975df2fae28d156ccbfc849b7e844c11c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
cf-polished: origSize=1745
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b3118970000005e41a935000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QS9Bsa0LUG4ZDoKp%2BtHwR284yMuGpJQfJpuoWo7csz8tL5gF6k48%2BEA2DSxGNYGrj3ofXckmuoQsqlniPltiHA5f5OIK0nofOrfrPfWK5OLwj8nhpuodCxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa5d05e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 jquery.plugins.a.js Show response
r.brstej.com/templates/echo/js/ 9 KB
4 KB 26ms
24ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/jquery.plugins.a.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d36a4d2e1e3ec14aa6fd41115d053a533999f0337d0f48859de361199f7359cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
cf-polished: origSize=9792
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b3118973000005e4aea9c000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=blJYW2JxZPGTjbllrDiXg4gD6sYs%2Fh90Ys7K5x6zqWDhSidSHv9DqG5G5EkHQuQqRqJs2aQJuLdIyncZpXBQg5pGRBVv5tq%2BdmEcnD17Fx8tMitCA25HAvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa6005e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 theme.js Show response
r.brstej.com/templates/echo/js/ 43 KB
13 KB 28ms
26ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/theme.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ff635a9e7b42762a78b36632593544829e2573d6ee8045aa14d01a7622b0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953438
cf-polished: origSize=44718
x-server-powered-by: Magictor.com
cf-bgj: minify
cf-request-id: 07b3118973000005e41cb41000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=azmviu8PjhtezFecKx2yFBcCt2CnR9upFDWyHoN0qpx00U81z1NKg3nBHoHDvNaktEut1cPxo%2B8ZLOcMwWer1MBFvbWP%2BMDndfzSMe2RstpRmnqBBxU9WQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa6e05e4-FRA
expires: Fri, 05 Feb 2021 17:00:04 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 79 KB
21 KB 10ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.bundle.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Aug 2020 16:43:44 GMT
etag: "1596732224"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 21668

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 37ms
35ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1950791
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6646
cf-request-id: 07b311896b00002bc67a1f1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xivRUJN91I2kBMBMMvpjNyMmJbTNM1VxEiow6UsqW2NOkjdIU2ORdtHqv3heAYemDUzCbnSPLSxqxuZlnuss3vJg7epS9lgJ9491tw67N%2BKqT2rriZGv6Xp0%2BhADmiht3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6131eb88af7e2bc6-FRA
expires: Fri, 07 Jan 2022 17:50:42 GMT

GET
H2 200 slick.min.js Show response
r.brstej.com/templates/echo/js/ 40 KB
10 KB 28ms
26ms Script
text/javascript 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/js/slick.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e8e27e1679a10fa7dd6192389f38fb491e89a482aea9690dd4c10538cc10bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953377
x-server-powered-by: Magictor.com
cf-request-id: 07b3118974000005e4e92f7000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BGltiF98FvXW8U65kXCmGz2mEtUULqxwQSsCIu%2Fv%2FqOSJpnoGIK7BbpQ2OPQSNe0plUefWCiDU52HS2n3REQxaVm2v0Lsw2j%2FeefaxuwvGi4dHMp33ecBmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 6131eb88aa7105e4-FRA
expires: Fri, 05 Feb 2021 17:01:05 GMT

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 11ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-1c1f"
vary: Accept-Encoding
x-hw: 1610905842.dop226.fr8.t,1610905842.cds243.fr8.hn,1610905842.cds161.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H2 200 icon-play-32.png
r.brstej.com/templates/echo/img/ 642 B
1 KB 34ms
31ms Image
image/webp 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/templates/echo/img/icon-play-32.png

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b273ce445e4ad18cced4ad20b8ac8a935467a0be5e61f19db2eb1143e72e05fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 162365
cf-polished: origFmt=png, origSize=795
x-server-powered-by: Magictor.com
content-disposition: inline; filename="icon-play-32.webp"
content-length: 642
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sYzf8c0PJ5576aNYxRrwPSp52LYZ1uFX8RgkUxGBrMBSLrhbbJfWBwAKOt0aO3TptFg3MHn29eckihp%2FBF%2Bz%2BZApl2MP22VowqPPDnrsOAxSPEYaCcEKXVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 16 Mar 2021 20:44:37 GMT
cache-control: max-age=5184000
cf-request-id: 07b3118985000005e4048d1000000001
accept-ranges: bytes
cf-ray: 6131eb88dacd05e4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 play.png
r.brstej.com/ 408 B
804 B 16ms
13ms Image
image/webp 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/play.png

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcfc8b3e3d5f8ddf192fc9305748e69bfe610cd50645470be0a433b70bc0d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 161757
cf-polished: origFmt=png, origSize=460
x-server-powered-by: Magictor.com
content-disposition: inline; filename="play.webp"
content-length: 408
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zFbRwu22dXu89xO5yxfyTVue%2B3IbLf14RLkZYChPUizet%2FqzCUERxecj5UMOhTmzjT8LAQwe6z%2Fvy0Bd1FFN0Fq3c0tzAQG4JYbiBSeHtd2189r3CWNVp9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 16 Mar 2021 20:54:45 GMT
cache-control: max-age=5184000
cf-request-id: 07b3118985000005e4d524b000000001
accept-ranges: bytes
cf-ray: 6131eb88dad005e4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Droid.Arabic.Kufi.ttf
r.brstej.com/templates/echo/css/fonts/ 80 KB
38 KB 22ms
20ms Font
font/ttf 2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.brstej.com/templates/echo/css/fonts/Droid.Arabic.Kufi.ttf

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31c6665135ae41b092153cd6480be82fad706ca9bd465784be70c00b8643308d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://r.brstej.com
Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953437
x-server-powered-by: Magictor.com
cf-request-id: 07b3118975000005e42593b000000001
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tIZ4mESREGzutBttNUOUeVBfhDOfbajWsLICIGdEKSZd5sZ3bk1qNacuYXvkZIMa%2Bw3g7%2FqWGm92F8ojYCNOo8H7ZV%2FmhG5rbKsB6CQN9fBPPcIHIjys2f8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
cf-ray: 6131eb88ba7405e4-FRA
expires: Sun, 07 Mar 2021 17:00:05 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 73 KB
73 KB 45ms
44ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Origin: https://r.brstej.com
Referer: https://use.fontawesome.com/releases/v5.8.2/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
last-modified: Tue, 07 May 2019 16:51:05 GMT
server: NetDNA-cache/2.2
etag: "64b3e814a66c2719b15abf8f7998bd73"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74328

GET
H2 200 4963f8b2.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 147 KB
147 KB 17ms
13ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/4963f8b2.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e280c31aafb81cf2b27dc261c959ccccaa4020e66ca67687c1945497a921d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1065635
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 150394
cf-request-id: 07b31189b60000e00bb2874000000001
x-served-by: cache-fra19136-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlygweBr8_2J3bkDkZplWbUuQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a2ce00b-FRA
link: <https://r.brstej.com/uploads/articles/4963f8b2.jpg>; rel="canonical"

GET
H2

200

morez.png
r.brstej.com/
Redirect Chain

https://m.brstej.com/morez.png
https://r.brstej.com/morez.png

1 KB
2 KB

21ms
20ms

Image
image/webp

2606:4700:20::681a:68d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.brstej.com/morez.png

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2798ae99ee79ab0b6c4d7a9cbaf6a7ad94953a06f9dbfe609b042274ff6b517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 162430
cf-polished: origFmt=png, origSize=2520
x-server-powered-by: Magictor.com
content-disposition: inline; filename="morez.webp"
content-length: 1220
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q%2B5SNlr6%2Bc3mVpMGkWfpvhSWJicoBpxlWjAg1X4HgktqOpVS%2F037HJDpuJ6tYZLG5jfhGVy5%2F9Qqh05NoMKRbJeeuIx45%2Fm1Bfu6osFvIKknzsAmKpRo7Vo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 16 Mar 2021 20:43:32 GMT
cache-control: max-age=5184000
cf-request-id: 07b31189fa000005e409315000000001
accept-ranges: bytes
cf-ray: 6131eb898cf105e4-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 953246
x-server-powered-by: Magictor.com
cf-request-id: 07b31189b5000005e4c9a9a000000001
x-nginx-upstream-cache-status: STALE
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LMDnSG3uOOc%2BmNGQBuJVYejJqWY86po40%2FTMYfczERxxLSvU38l%2FX1mlVGf6bysO3IgL%2Fgg8OYXnWqZozd1WL%2BnSwJ33C5NDjxM5pTa6pt46qzkiRHQZRfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://r.brstej.com/morez.png
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
cf-ray: 6131eb892bcb05e4-FRA
expires: Sun, 07 Mar 2021 17:03:16 GMT

GET
H2 200 7fe73986.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 64 KB
65 KB 28ms
25ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/7fe73986.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33ff72e36ce92015d825dd2208a08da1329b265e7fe14420d85210276af984bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1014842
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 65994
cf-request-id: 07b31189b60000e00bbc2f5000000001
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlysf0tZd9pBd-wECQAfZp-mQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a2de00b-FRA
link: <https://r.brstej.com/uploads/articles/7fe73986.jpg>; rel="canonical"

GET
H2 200 6682ba34.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 159 KB
159 KB 18ms
16ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/6682ba34.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b2abc8e51e5fa6a89941763bbe595533d958d9e3bab12f8c6d2f12fd074bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1559399
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 162594
cf-request-id: 07b31189b60000e00b6992f000000001
x-served-by: cache-fra19181-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly0HVA1vFQJdGAIY5xhP_mjQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a2ee00b-FRA
link: <https://r.brstej.com/uploads/articles/6682ba34.jpg>; rel="canonical"

GET
H2 200 d1535664e-1.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/thumbs/ 13 KB
13 KB 30ms
27ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/thumbs/d1535664e-1.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00aa910fad524302331ee516ef61c92b4371c6dac74dacc0e8a8c9edcf2e1c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1559398
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 12882
cf-request-id: 07b31189b70000e00b85ae5000000001
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyHg8xd8jhM49lsX1tiNHEPA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a2fe00b-FRA
link: <https://r.brstej.com/uploads/thumbs/d1535664e-1.jpg>; rel="canonical"

GET
H2 200 53648fff.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 59 KB
59 KB 26ms
24ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/53648fff.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e16dbcc0acf0f0f9963030e3b8d843d74ab0b8c6a992e4bc5acd8d3754ddcf55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1516319
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 60146
cf-request-id: 07b31189b70000e00bb7a9b000000001
x-served-by: cache-fra19128-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyCkVSQVMlaHxKkBMplHQ-nA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a30e00b-FRA
link: <https://r.brstej.com/uploads/articles/53648fff.jpg>; rel="canonical"

GET
H2 200 615136cf.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 80 KB
80 KB 20ms
18ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/615136cf.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a89003be43e59c232661a12af708b5279e808d5c315a7f7158ae3c9cef96c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2087687
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 81734
cf-request-id: 07b31189b90000e00b629f1000000001
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyqk5Xx001hHwplKZTmkw9RA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a32e00b-FRA
link: <https://r.brstej.com/uploads/articles/615136cf.jpg>; rel="canonical"

GET
H2 200 68dacc96.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 39 KB
39 KB 51ms
49ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/68dacc96.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f6bea6a30a248543923c5fa1943005eef54de8928f0f8ce7ddd264032aa520a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 900654
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 39724
cf-request-id: 07b31189b70000e00bc59d4000000001
x-served-by: cache-fra19127-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyvzDUzizwHd812uddVfHFpw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a33e00b-FRA
link: <https://r.brstej.com/uploads/articles/68dacc96.jpg>; rel="canonical"

GET
H2 200 d354b974.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 26 KB
26 KB 20ms
19ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/d354b974.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853ab86acc74598f0a9d649a308cd709cba1717f51ce2b8d87986d108794cb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 900327
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 26208
cf-request-id: 07b31189b80000e00b7b209000000001
x-served-by: cache-fra19155-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly-eD-qzmhtlU8vIccCQLz-A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a35e00b-FRA
link: <https://r.brstej.com/uploads/articles/d354b974.jpg>; rel="canonical"

GET
H2 200 59414fb8.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 53 KB
53 KB 28ms
27ms Image
image/jpeg 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/59414fb8.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba62f48e594b434ccdc466b1870d3c8cd6774327a279b7d5e950a274bf9334a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93329
vary: Accept-Encoding
content-length: 54131
cf-request-id: 07b31189bc0000e00b838a6000000001
x-served-by: cache-fra19163-FRA
timing-allow-origin: *
cf-bgj: h2pri
server: cloudflare
etag: "stlyyVxc3eu3QC_qzBZSW1LGjg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a37e00b-FRA
link: <https://r.brstej.com/uploads/articles/59414fb8.jpg>; rel="canonical"

GET
H2 200 1d8cf67a.jpg
cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/ 36 KB
37 KB 20ms
19ms Image
image/webp 2606:4700:10::ac43:17e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/r.brstej.com/f=webp,q=80/uploads/articles/1d8cf67a.jpg

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:17e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

486b69b0d91bb6c1d58df9c8995cdbb8a3dcaede6deb68fc9273bbc2f64b613f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1002883
x-cache: HIT
vary: Accept, Accept-Encoding
content-length: 37276
cf-request-id: 07b31189b90000e00b408df000000001
x-served-by: cache-fra19165-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlygDPQOuVdfCr9NrVEA53TPg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6131eb892a3ae00b-FRA
link: <https://r.brstej.com/uploads/articles/1d8cf67a.jpg>; rel="canonical"

GET
H2 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 132ms
132ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Sun, 17 Jan 2021 17:50:42 GMT

GET
H/1.1 200
OK fac.php
graizoah.com/ Frame 0A0E 0
0 117ms
117ms Document
text/html 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://graizoah.com/fac.php

Requested by

Host: graizoah.com
URL: https://graizoah.com/apu.php?zoneid=2617099

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: graizoah.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://r.brstej.com/index.php?t=a73d866e01
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: OAID=20fd5f4ed78b49f2b6eb22a068684362; oaidts=1610905842
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://r.brstej.com/index.php?t=a73d866e01

Response headers

Server: nginx
Date: Sun, 17 Jan 2021 17:50:42 GMT
Content-Type: text/html; charset=utf8
Content-Length: 203
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 2ceea791def222f4aa05756c71de1151
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

OPTIONS
H/1.1 204
No Content options
graizoah.com/ Frame 0
0 350ms
70ms Other 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://graizoah.com/options?option_args=CIvenwESIDIwZmQ1ZjRlZDc4YjQ5ZjJiNmViMjJhMDY4Njg0MzYyGipodHRwOi8vZ3JhaXpvYWguY29tL2FwdS5waHA_em9uZWlkPTI2MTcwOTkiK2h0dHBzOi8vci5icnN0ZWouY29tL2luZGV4LnBocD90PWE3M2Q4NjZlMDEyJDFmZTA5NjAyLTViOWYtNDdhZi1iN2Q3LWZkNGVmODc0NDEwMg==

Protocol

HTTP/1.1

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://r.brstej.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 17 Jan 2021 17:50:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://r.brstej.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK options Show response
graizoah.com/ 0
679 B 63ms
63ms XHR
text/html 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: graizoah.com
URL: https://graizoah.com/apu.php?zoneid=2617099

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 17 Jan 2021 17:50:42 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 0
X-Trace-Id: 643fcf2746e0bfe1d1caf091baf2d297
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=utf8
Access-Control-Allow-Origin: https://r.brstej.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 24ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin: https://r.brstej.com
Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1610905842.dop215.fr8.t,1610905842.cds207.fr8.hn,1610905842.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 147ms
147ms Script
text/javascript 99.86.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 9566155
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: xqHL86xXMhKaeO3sG7ZoMuFDZC1ojGhF-6Tg9dPjhByqNYEgsiX85A==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
999 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc78f17ea109f65491fcdca4f690ef6df71abc448a7949976d73f302821a1e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Jan 2021 17:50:42 GMT
server: ESF
date: Sun, 17 Jan 2021 17:50:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Jan 2021 17:50:42 GMT

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 10ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK 3002587 Show response
in-page-push.com/400/ 78 KB
28 KB 323ms
130ms Script
application/javascript 87.245.235.35
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/400/3002587

Requested by

Host: r.brstej.com
URL: https://r.brstej.com/index.php?t=a73d866e01

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5f48a3f6230ccc89e1de0a9cb8c8ca9fa3c31b13ac997add0024b59103a52a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 71c97834fe2fbfc1685e024b7c048e52
Pragma: no-cache
Date: Sun, 17 Jan 2021 17:50:42 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
82 B 37ms
36ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=fs
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v12.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 6131eb8c986ee007-FRA
content-length: 3
cf-request-id: 07b3118be50000e00708229000000001

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
82 B 29ms
29ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=um
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v12.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 6131eb8c9873e007-FRA
content-length: 3
cf-request-id: 07b3118be40000e007d2b2c000000001

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
82 B 29ms
29ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=od&pp=BODY
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v12.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 6131eb8ca876e007-FRA
content-length: 3
cf-request-id: 07b3118be40000e007f790c000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123341585-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1870
date: Sun, 17 Jan 2021 17:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 17 Jan 2021 19:19:32 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 74ms
74ms Image
image/gif 99.86.7.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D9%85%D9%88%D9%82%D8%B9%20%D8%A8%D8%B1%D8%B3%D8%AA%D9%8A%D8%AC%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D9%83%D8%A7%D9%85%D9%84%D8%A9&time=1610905842778&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&random_number=7610069864&sess_cookie=25f2120b1771178745a91094b43&sess_cookie_flag=1&user_cookie=25f2120b1771178745a91094b43&user_cookie_flag=1&dynamic=true&domain=brstej.com&account=0sCWu1DlQy20Y8&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-23.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 16 Jan 2021 18:53:23 GMT
Via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 82640
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA6-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: qzrvmtbk6QdEcRNf0c9sjdZDu3_zS7sxji6Sq400rmQ2fT9sOJttPA==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
64 B 13ms
13ms XHR
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=523198702&t=pageview&_s=1&dl=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A8%D8%B1%D8%B3%D8%AA%D9%8A%D8%AC%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D9%83%D8%A7%D9%85%D9%84%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1123688359&gjid=1990341206&cid=1846047120.1610905843&tid=UA-123341585-1&_gid=107523783.1610905843&_r=1&gtm=2ou161&z=2024446572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.brstej.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-123341585-1&cid=1846047120.1610905843&jid=1123688359&gjid=1990341206&_gid=107523783.1610905843&_u=IEBAAUAAAAAAAC~&z=884942081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 17 Jan 2021 17:50:42 GMT
content-type: text/plain
access-control-allow-origin: https://r.brstej.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-123341585-1&cid=1846047120.1610905843&jid=1123688359&_u=IEBAAUAAAAAAAC~&z=951187189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-123341585-1&cid=1846047120.1610905843&jid=1123688359&_u=IEBAAUAAAAAAAC~&z=951187189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 17:50:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK apu.php Show response
abdurantom.com/ 382 B
1 KB 317ms
69ms Script
application/javascript 139.45.195.92
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://abdurantom.com/apu.php?zoneid=3390705

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3002587

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.92 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

81672ed6c6c5ce836eb8db6169514e7a1b9c8bcc8bc7196a5dcb4299b3723d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 17:50:43 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 382
X-Trace-Id: 5aa4cde1ef24151bf6bc87b832483a4e
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 extra.min.js Show response
pushagim.com/pfe/current/ 110 KB
32 KB 190ms
68ms Script
application/javascript 139.45.196.197
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushagim.com/pfe/current/extra.min.js?z=3475873
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3002587
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.197 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: fd8d439d0afeb14089aab1effcdf42c595681f74f98cc08b8fa7858bb5b0f31d

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 17:50:43 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 13:35:40 GMT
server: nginx
etag: W/"5fd2242c-1b886"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
cdn.itphanpytor.club/ 7 KB
4 KB 191ms
66ms Script
text/javascript 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/1?z=3360969
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3002587
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e975ac4dfe774a5e8d4d9de67b779e98e27ef727b26e35c918663fbf5fc09b42

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 17:50:43 GMT
content-encoding: gzip
x-sc: vQDg-3G5THEauIedfQRoEasgINkyqq2VOQi40cUu9ZOpE2fCiqRp1XJvoemtWGJtlYMmyikskC25eWKxXnp3NDk83N4=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 23633299569aba28addd71d2a16696e2 Show response
cdn.itphanpytor.club/27/ 361 KB
119 KB 78ms
77ms Script
application/javascript 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itphanpytor.club/27/23633299569aba28addd71d2a16696e2

Requested by

Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=3360969

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7762a6b5e77fd8084621432f1642e17b1f64723ba64d1cbf56bcebdabf8fa95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Dec 2020 07:41:01 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Fri, 24 Jan 2081 07:41:01 GMT

GET
H2 200 38 Show response
cdn.itphanpytor.club/42/ 0
495 B 192ms
191ms Script
text/plain 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/42/38?z=3360969
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=3360969
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 17:50:43 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 3002587 Show response
in-page-push.com/500/ 1 KB
2 KB 62ms
62ms XHR
application/javascript 87.245.235.35
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3002587?excludes=&oaid=02e3dc7254e845ffb430d0ea5e66ee73&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3002587

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2138df0045f824d644d80b0ac1095617a4e003b3313366a05d764523768e7a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 17 Jan 2021 17:50:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 85b0773fc7e4034c697d8358f9465d86
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://r.brstej.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3002587
in-page-push.com/500/ Frame 0
0 235ms
58ms Other 87.245.235.35
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://r.brstej.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 17 Jan 2021 17:50:43 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://r.brstej.com
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
770 B 79ms
78ms Fetch
application/json 139.45.195.106
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=3475873&checkDuplicate=true&ymid=&var=

Requested by

Host: pushagim.com
URL: https://pushagim.com/pfe/current/extra.min.js?z=3475873

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.106 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2ce65f2a978263817f456aa7e2473f7871dd9210cd646d7ea762fdca0684b06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 17:50:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://r.brstej.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 zone Show response
pushagim.com/ 795 B
1 KB 189ms
66ms Fetch
application/json 139.45.196.197
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushagim.com/zone?pub=0&zone_id=3475873&is_mobile=false&domain=r.brstej.com&var=&ymid=&var_3=

Requested by

Host: pushagim.com
URL: https://pushagim.com/pfe/current/extra.min.js?z=3475873

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.197 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

158c84149e16596824010ad41bf6f0ac9cf67a9d809dbf66ff4937e61845fbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 1f38b07380480607e841f3e833fe538d
date: Sun, 17 Jan 2021 17:50:43 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://r.brstej.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 795

OPTIONS
H2 204 9
cdn.itphanpytor.club/ Frame 0
0 194ms
70ms Other 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=3360969&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://r.brstej.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 17 Jan 2021 17:50:43 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://r.brstej.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 69ms
38ms Script
application/javascript 2606:4700:20::681a:97b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/23633299569aba28addd71d2a16696e2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 951
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5AaFoCoI%2FHXnqJoeREWyLCQ8XG6Pph0VHNB6LRdw9BavrUEl%2BM8yLf6puMSNbSincfCiB4Gl2NNK93w853b3w5V1okihbZVwMKHu5s1JuT9uyyBH%2Bq%2BBCsSlEFr8XghK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6131eb91ca31c28b-FRA
cf-request-id: 07b3118f1b0000c28b752d0000000001

POST
H2 204 9 Show response
cdn.itphanpytor.club/ 0
507 B 74ms
73ms XHR
text/plain 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=3360969&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/23633299569aba28addd71d2a16696e2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 17:50:43 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://r.brstej.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 20ms
18ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Sun, 17 Jan 2021 17:50:43 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 21ms
20ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Sun, 17 Jan 2021 17:50:43 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 19ms
18ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Sun, 17 Jan 2021 17:50:43 GMT

GET
H3-Q050 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 18ms
17ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Sun, 17 Jan 2021 17:50:43 GMT

GET
H3-Q050 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 20ms
19ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Sun, 17 Jan 2021 17:50:43 GMT

GET
H2 200 0805408441928.png
littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/ 3 KB
4 KB 33ms
18ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/0805408441928.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1562c77987e7f1708ac3c6fdf7604f8c8169df061f89d9c7daeaafc1990f5f

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:43 GMT
cf-cache-status: HIT
age: 3451
content-length: 3225
cf-request-id: 07b3118f7100003244339ed000000001
last-modified: Sun, 28 Apr 2019 17:29:22 GMT
server: cloudflare
etag: "5cc5e2f2-c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6131eb924b413244-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 171ms
57ms Other 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://r.brstej.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 17 Jan 2021 17:50:44 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://r.brstej.com

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
399 B 203ms
100ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 17 Jan 2021 17:50:45 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://r.brstej.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H/1.1 200
OK b7Z6kHCSC4RLDxMLy5A_ksoAlkrdTab4HOEirj0Bn_KTxnSzjetYCluarDL2oraxlnLnHzffGkg5K51LPWBI5GfHFVSrM3JPiGlDIjDhDBbuTdLZ8qBe61DBWBFi5516l6VN1ts1hAeB7mzPMkQh_aRkgN8uxCmjay4l_M4Pmb0FLAis5M4MfZl20Pe777OlVAVMZ...
onstunkyr.com/impression/ 43 B
482 B 289ms
51ms Image
image/gif 139.45.195.176
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/b7Z6kHCSC4RLDxMLy5A_ksoAlkrdTab4HOEirj0Bn_KTxnSzjetYCluarDL2oraxlnLnHzffGkg5K51LPWBI5GfHFVSrM3JPiGlDIjDhDBbuTdLZ8qBe61DBWBFi5516l6VN1ts1hAeB7mzPMkQh_aRkgN8uxCmjay4l_M4Pmb0FLAis5M4MfZl20Pe777OlVAVMZq_yt2cF9yCs6gsXgCVm7WxqgTNoUYHbWhawnnPD-EyrrjOwAG9WTgEaj59_Wj8mtCbascex7Wy0zE3FNWqa90g36B3sje8OEY0NVzqUd_Wp6cv0Uw==?z=3002587&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.176 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 97fac94e853942e93374649bcf4ccbd3
Pragma: no-cache
Date: Sun, 17 Jan 2021 17:50:53 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0805408441928.png
littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/ Frame B216 3 KB
3 KB 74ms
74ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/0805408441928.png
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3002587
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1562c77987e7f1708ac3c6fdf7604f8c8169df061f89d9c7daeaafc1990f5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:53 GMT
cf-cache-status: HIT
age: 3461
content-length: 3225
cf-request-id: 07b311b4b2000032446c0ce000000001
last-modified: Sun, 28 Apr 2019 17:29:22 GMT
server: cloudflare
etag: "5cc5e2f2-c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6131ebcd98d83244-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H/1.1 200
OK 3002587 Show response
in-page-push.com/500/ 1005 B
2 KB 124ms
46ms XHR
application/javascript 87.245.235.35
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3002587?excludes=6428786&oaid=02e3dc7254e845ffb430d0ea5e66ee73&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3002587

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a8037bffbec049b0219356481e65f2cc7ebf4cfdba65f218759905a60c398b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 17 Jan 2021 17:50:53 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1005
X-Trace-Id: 891b24a1163fb80a876dc3fec8458c27
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://r.brstej.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3002587
in-page-push.com/500/ Frame 0
0 161ms
51ms Other 87.245.235.35
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://r.brstej.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 17 Jan 2021 17:50:53 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://r.brstej.com
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ 6 KB
7 KB 42ms
42ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:53 GMT
cf-cache-status: HIT
age: 3989
content-length: 6498
cf-request-id: 07b311b66a0000324484199000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6131ebd0897a3244-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H/1.1 200
OK 6aDo-WpWSH2n9Kly0ci4axf31C7IiovBAtSRvNXrVodVdLXD5DqK8KMGr5JgAaw5z8iZiL23q9FknU-KpQ-AGrkdaQYau4o9TqcUNuB6EPdmH2LZoifVB8-zsGaXDC0Oevc5Bm1oMJijis4U30Pa_1ZWaDoc_X2o9BS6RSx7pPsXnmG0QhvZREvj75Q=
onstunkyr.com/impression/ 43 B
482 B 43ms
43ms Image
image/gif 139.45.195.176
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/6aDo-WpWSH2n9Kly0ci4axf31C7IiovBAtSRvNXrVodVdLXD5DqK8KMGr5JgAaw5z8iZiL23q9FknU-KpQ-AGrkdaQYau4o9TqcUNuB6EPdmH2LZoifVB8-zsGaXDC0Oevc5Bm1oMJijis4U30Pa_1ZWaDoc_X2o9BS6RSx7pPsXnmG0QhvZREvj75Q=?z=3002587&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fr.brstej.com%2Findex.php%3Ft%3Da73d866e01&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.176 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.brstej.com/index.php?t=a73d866e01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: df436784fd394b98ce152716c478c1c4
Pragma: no-cache
Date: Sun, 17 Jan 2021 17:50:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ Frame B216 6 KB
7 KB 25ms
25ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3002587
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 17:50:58 GMT
cf-cache-status: HIT
age: 3994
content-length: 6498
cf-request-id: 07b311c8020000324410948000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6131ebeccca33244-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
r.brstej.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 34f58cf378d97f53498e29ae0fbfc37c
graizoah.com/	1970-01-20 00:14:01	Name: oaidts Value: 1610905842
graizoah.com/	1970-01-20 00:14:01	Name: OAID Value: 20fd5f4ed78b49f2b6eb22a068684362
.brstej.com/	1970-01-19 16:11:37	Name: __cfduid Value: dc327e1ce028371e5ed3a985e65f67a4c1610905841

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://live.demand.supply/impl.v12.0.0.js(Line 10) Message: Please consider placing the demand.supply script inside the <head> tag of your site. Currently, that script seems to be placed outside <head>. warning
console-api	log	URL: https://abdurantom.com/apu.php?zoneid=3390705(Line 1) Message: 0x50005

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abdurantom.com
ajax.cloudflare.com
cdn.itphanpytor.club
cdn.statically.io
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
code.jquery.com
fonts.googleapis.com
graizoah.com
in-page-push.com
littlecdn.com
live.demand.supply
m.brstej.com
maxcdn.bootstrapcdn.com
my.rtmark.net
netdna.bootstrapcdn.com
o.wowreality.info
onstunkyr.com
pagead2.googlesyndication.com
pushagim.com
r.brstej.com
securepubads.g.doubleclick.net
sitefeytout.com
static.lalaping.com
stats.g.doubleclick.net
use.fontawesome.com
www.brstej.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
139.45.195.106
139.45.195.176
139.45.195.254
139.45.195.92
139.45.196.197
139.45.196.41
139.45.197.9
142.250.74.194
172.255.6.144
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
23.111.9.35
2606:4700:10::ac43:17e4
2606:4700:10::ac43:a62
2606:4700:20::681a:68d
2606:4700:20::681a:97b
2606:4700::6810:135e
2606:4700::6810:8516
2606:4700::6810:a823
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:815::200e
2a00:1450:4001:818::2008
2a00:1450:4001:819::200a
2a00:1450:400c:c00::9b
87.245.235.35
99.86.7.129
99.86.7.23
0007b581f224d0ccdc368cbb9d51450b2f7657fd47654c703b079dd616579958
00aa910fad524302331ee516ef61c92b4371c6dac74dacc0e8a8c9edcf2e1c7d
04fd6ef5911c31cc109fa5cc24010a975df2fae28d156ccbfc849b7e844c11c8
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
1575340831e6fb7b0a52c8e57c5283b0c6398ce1276332034d1425969ccf618a
158c84149e16596824010ad41bf6f0ac9cf67a9d809dbf66ff4937e61845fbae
19e280c31aafb81cf2b27dc261c959ccccaa4020e66ca67687c1945497a921d3
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1fe3f15367d4983e9e2d0ab7de87e181936b7ff8a7e1e4a1cba8593fe113f7c4
2138df0045f824d644d80b0ac1095617a4e003b3313366a05d764523768e7a1e
244926b75ad193faf7a694c602d5819576e2d953dc43849395dedfa841f5ea53
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2ce65f2a978263817f456aa7e2473f7871dd9210cd646d7ea762fdca0684b06b
31c6665135ae41b092153cd6480be82fad706ca9bd465784be70c00b8643308d
33ff72e36ce92015d825dd2208a08da1329b265e7fe14420d85210276af984bb
34e8e27e1679a10fa7dd6192389f38fb491e89a482aea9690dd4c10538cc10bf
34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9
35ff635a9e7b42762a78b36632593544829e2573d6ee8045aa14d01a7622b0fb
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
44c66997daf4d313e329041df8e19c875a622b3733cb0b83d8cd38bc38185cbc
44fed47d58ccae0d0fe625418cd5a606f41cdaf17f3abca0e3e77c09dc640be2
486b69b0d91bb6c1d58df9c8995cdbb8a3dcaede6deb68fc9273bbc2f64b613f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5f48a3f6230ccc89e1de0a9cb8c8ca9fa3c31b13ac997add0024b59103a52a79
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6a89003be43e59c232661a12af708b5279e808d5c315a7f7158ae3c9cef96c59
6d77fe2c5655b81e55cf5a4a3a5706a59b7acb2b05448027c55839e51ea5c772
70b2abc8e51e5fa6a89941763bbe595533d958d9e3bab12f8c6d2f12fd074bfd
7762a6b5e77fd8084621432f1642e17b1f64723ba64d1cbf56bcebdabf8fa95c
794375b4a5a964e264d685e5b9d1004b91cf3865311d74e17308b24cb4db1ce1
7f6bea6a30a248543923c5fa1943005eef54de8928f0f8ce7ddd264032aa520a
81672ed6c6c5ce836eb8db6169514e7a1b9c8bcc8bc7196a5dcb4299b3723d3a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853ab86acc74598f0a9d649a308cd709cba1717f51ce2b8d87986d108794cb81
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
91097a61df68840c4651234b5410577b5ba5b77174486e0e8a8eac31a3062da0
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9ea6b351a675e3bc0e648d6d41bafd700a5944f6e54778fe6beac548210c241a
9f0a455542f18b843664a53534383c337faf7e97e956295e07cacb2f74d75dbf
a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450
a8037bffbec049b0219356481e65f2cc7ebf4cfdba65f218759905a60c398b1c
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b273ce445e4ad18cced4ad20b8ac8a935467a0be5e61f19db2eb1143e72e05fd
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b5e17bb9b4eb72b5e7f67b00c9aeb07751e128efb1e00a7ffa40d600c955db6b
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840
ba62f48e594b434ccdc466b1870d3c8cd6774327a279b7d5e950a274bf9334a3
ba9515e3bb22fa3c9c822bd21dc49415290eb968b1995ddf09c5716c37d86f27
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c112a7633fcc9bf504030e0b6ac650aba21ed1198a5db17d74ddfd38ab3e248d
c2798ae99ee79ab0b6c4d7a9cbaf6a7ad94953a06f9dbfe609b042274ff6b517
c4b7a1329b8da630e85a73f5b951dd83340a31c0d442e4e0875d1a9bd5bb4a6e
cf1562c77987e7f1708ac3c6fdf7604f8c8169df061f89d9c7daeaafc1990f5f
d36a4d2e1e3ec14aa6fd41115d053a533999f0337d0f48859de361199f7359cb
dcfc8b3e3d5f8ddf192fc9305748e69bfe610cd50645470be0a433b70bc0d866
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e16dbcc0acf0f0f9963030e3b8d843d74ab0b8c6a992e4bc5acd8d3754ddcf55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e75fb4b26aa2ded1e757268828d3d759c05a85d92db75cd6b491f3f4cb6af769
e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8
e815c87acc2288959ffb190cbacbf1b2bde1184b24c7dd8869411a303087b412
e975ac4dfe774a5e8d4d9de67b779e98e27ef727b26e35c918663fbf5fc09b42
ecd695498482a304d077a4f408aef9fca43e6b9e31dc64d8f837ca23797f64e2
ee5183f1d32296f0ecb7e79bf5c3e8fcb8ccfa71152e26a961d8ed15573f2727
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fc78f17ea109f65491fcdca4f690ef6df71abc448a7949976d73f302821a1e8d
fd8d439d0afeb14089aab1effcdf42c595681f74f98cc08b8fa7858bb5b0f31d

r.brstej.com Open in urlscan Pro 2606:4700:20::681a:68d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

100 %HTTPS

57 %IPv6

27 Domains

33 Subdomains

31 IPs

6 Countries

1954 kBTransfer

3694 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

r.brstej.com Open in urlscan Pro
2606:4700:20::681a:68d Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

100 %
HTTPS

57 %
IPv6

27
Domains

33
Subdomains

31
IPs

6
Countries

1954 kB
Transfer

3694 kB
Size

4
Cookies

99 HTTP transactions
1 data transactions