tainhachay.us Open in urlscan Pro
2606:4700:3033::6815:f54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tainhachay.us/
Submission: On December 06 via automatic, source rescanner (December 6th 2021, 11:00:08 pm UTC) — Scanned from US

Summary HTTP 125 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 31 domains to perform 125 HTTP transactions. The main IP is 2606:4700:3033::6815:f54, located in United States and belongs to CLOUDFLARENET, US. The main domain is tainhachay.us.
TLS certificate: Issued by R3 on December 6th 2021. Valid for: 3 months.

This is the only time tainhachay.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3033::6815:f54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:9c4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3036::ac43:c555	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
5	163.172.215.201 163.172.215.201	12876 (Online SAS) (Online SAS)
6	2606:4700:303... 2606:4700:3032::6815:28ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
12	136.243.4.18 136.243.4.18	24940 (HETZNER-AS) (HETZNER-AS)
4	2a02:b4a:1:7:... 2a02:b4a:1:7::9166:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
3 3	2606:4700:303... 2606:4700:3030::ac43:d46f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3037::ac43:9bec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2607:f8b0:402... 2607:f8b0:4023:1404::9d	15169 (GOOGLE) (GOOGLE)
4	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	168.119.25.18 168.119.25.18	24940 (HETZNER-AS) (HETZNER-AS)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
3 3	2a01:4f8:252:... 2a01:4f8:252:564d::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:52... 2a02:128:7:5242::2	50245 (SERVEREL-AS) (SERVEREL-AS)
3 3	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
5	2606:4700:303... 2606:4700:3036::6815:2206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21e... 2600:9000:21ea:2200:15:c747:87c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1 1	45.14.224.146 45.14.224.146	() ()
1	2606:4700:303... 2606:4700:3038::6815:ea45	() ()
125	25

3 2606:4700:3033::6815:f54 (United States)

ASN13335 (CLOUDFLARENET, US)

tainhachay.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:9c4b (United States)

ASN13335 (CLOUDFLARENET, US)

fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:c555 (United States)

ASN13335 (CLOUDFLARENET, US)

yqmxfz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.172.215.201 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-215-201.rev.poneytelecom.eu

cs.u-on.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::6815:28ba (United States)

ASN13335 (CLOUDFLARENET, US)

counter.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.4.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.4.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:b4a:1:7::9166:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

yfetyg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:d46f (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ad.jetx.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::ac43:9bec (United States)

ASN13335 (CLOUDFLARENET, US)

1337x2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12007250.pix-cdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1404::9d (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.25.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.25.119.168.clients.your-server.de

metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:252:564d::2 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5242::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tcimp.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:128:7:5241::2 (Czech Republic) 3 redirects

ASN50245 (SERVEREL-AS, NL)

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::6815:2206 (United States)

ASN13335 (CLOUDFLARENET, US)

stream.vast.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ea:2200:15:c747:87c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1esebcdm6wx7j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

afarkas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.14.224.146 (None, ) 1 redirects

ASN- ()

nghetaitruyen.aino.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea45 (None, )

ASN- ()

dl7.wapkizfile.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google-analytics.com www.google-analytics.com	79 KB
12	a-ads.com ad.a-ads.com static.a-ads.com	504 KB
9	1337x2.xyz 1337x2.xyz	8 KB
8	googletagmanager.com www.googletagmanager.com	333 KB
8	jdi5.com fastcdn.jdi5.com counter.jdi5.com imgcdn1.jdi5.com	11 KB
6	wpadmngr.com js.wpadmngr.com	58 KB
6	googleapis.com ajax.googleapis.com fonts.googleapis.com	185 KB
5	vast.wtf stream.vast.wtf	1 MB
5	u-on.eu cs.u-on.eu	3 KB
4	yfetyg.com yfetyg.com	509 B
4	yqmxfz.com yqmxfz.com	223 KB
3	baimgfroggd.site 3 redirects tb.baimgfroggd.site	2 KB
3	rtbbnr.com 3 redirects rtbbnr.com	1 KB
3	jetx.info 3 redirects ad.jetx.info	2 KB
3	gstatic.com fonts.gstatic.com	43 KB
3	cloudflare.com cloudflare.com	1 KB
3	bootstrapcdn.com netdna.bootstrapcdn.com	54 KB
3	tainhachay.us tainhachay.us	23 KB
2	github.io afarkas.github.io	7 KB
2	cloudfront.net d1esebcdm6wx7j.cloudfront.net	593 B
2	google.com www.google.com	608 B
2	cabnnr.com js.cabnnr.com	9 KB
2	wpushsdk.com js.wpushsdk.com	9 KB
2	metricswpsh.com metricswpsh.com	385 B
2	nawpush.com na.nawpush.com	1 KB
2	doubleclick.net stats.g.doubleclick.net	506 B
1	wapkizfile.info dl7.wapkizfile.info	25 KB
1	aino.pk 1 redirects nghetaitruyen.aino.pk	598 B
1	pix-cdn.org 12007250.pix-cdn.org	21 KB
1	zog.link 1 redirects tcimp.zog.link	308 B
0	javcosplay.com Failed vs.javcosplay.com Failed
125	31

	Domain	Requested by
12	www.google-analytics.com	counter.jdi5.com www.googletagmanager.com www.google-analytics.com tainhachay.us
9	1337x2.xyz	tainhachay.us
8	www.googletagmanager.com	tainhachay.us www.googletagmanager.com 1337x2.xyz
6	js.wpadmngr.com	yqmxfz.com js.wpadmngr.com
6	static.a-ads.com	ad.a-ads.com
6	ad.a-ads.com	tainhachay.us
5	stream.vast.wtf	js.cabnnr.com stream.vast.wtf tainhachay.us
5	cs.u-on.eu	tainhachay.us
4	yfetyg.com	yqmxfz.com
4	counter.jdi5.com	tainhachay.us counter.jdi5.com
4	yqmxfz.com	tainhachay.us 1337x2.xyz
4	ajax.googleapis.com	tainhachay.us
3	tb.baimgfroggd.site	3 redirects
3	rtbbnr.com	3 redirects
3	ad.jetx.info	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	cloudflare.com	yqmxfz.com
3	netdna.bootstrapcdn.com	tainhachay.us netdna.bootstrapcdn.com
3	tainhachay.us	tainhachay.us
2	afarkas.github.io	1337x2.xyz
2	d1esebcdm6wx7j.cloudfront.net	yqmxfz.com
2	imgcdn1.jdi5.com	tainhachay.us counter.jdi5.com
2	www.google.com	tainhachay.us
2	js.cabnnr.com	js.wpadmngr.com
2	js.wpushsdk.com	js.wpadmngr.com
2	metricswpsh.com	js.wpadmngr.com
2	na.nawpush.com	js.wpadmngr.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.googleapis.com	fastcdn.jdi5.com
2	fastcdn.jdi5.com	tainhachay.us
1	dl7.wapkizfile.info	tainhachay.us
1	nghetaitruyen.aino.pk	1 redirects
1	12007250.pix-cdn.org	stream.vast.wtf
1	tcimp.zog.link	1 redirects
0	vs.javcosplay.com Failed	stream.vast.wtf
125	35

This site contains links to these domains. Also see Links.

Domain
cs.u-on.eu
rutgon.me

Subject Issuer	Validity	Valid
*.tainhachay.us R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cs.u-on.eu R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
yfetyg.com R3	`2021-10-19` - `2022-01-17`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
js.wpadmngr.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
na.nawpush.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
notification.tubecup.net R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
js.wpushsdk.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
js.cabnnr.com R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
12007250.pix-cdn.org R3	`2021-12-01` - `2022-03-01`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://tainhachay.us/
Frame ID: 7DFE8A4EDC4E81444B56590A62537A5F
Requests: 42 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: D8E7F31702531817FFD4C554958A79CD
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: F4F18E4BDB23D0C312295E3521EB4094
Requests: 3 HTTP requests in this frame

Frame: https://1337x2.xyz/sub/42/0/
Frame ID: 5C1A76AEE4990187B8A8027749D15367
Requests: 11 HTTP requests in this frame

Frame: https://tainhachay.us/
Frame ID: 437A6F2A8CA93BDFA6C8E32C918E5776
Requests: 23 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: A67D01DE3C19139C1653E56E9912D619
Requests: 2 HTTP requests in this frame

Frame: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Frame ID: 16A7F7D0186671A545470272D8904F8E
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: A2D2A5ED4DF75F36C5C8C76FEF85589E
Requests: 2 HTTP requests in this frame

Frame: https://1337x2.xyz/user/bone111/
Frame ID: 8A129D74BA676FF514F666088077D159
Requests: 17 HTTP requests in this frame

Frame: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Frame ID: D858DC1E459B143D866DB41942129650
Requests: 1 HTTP requests in this frame

Frame: https://stream.vast.wtf/files/ytls/bundle6.js
Frame ID: 67968A4EFDEBAD26960EADCD5CDBB82E
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: F463EC74A4FB969E410A0D9FBC00C2EC
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: 1A98C5B5D133BE65CD81EB455FF84B29
Requests: 3 HTTP requests in this frame

Frame: https://1337x2.xyz/user/MoviesFD7/
Frame ID: 86FB3861EF8377A8A8947430774ECA81
Requests: 3 HTTP requests in this frame

Frame: https://tainhachay.us/
Frame ID: 6B102884B922CABE61674BC1AD57A309
Requests: 9 HTTP requests in this frame

Frame: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Frame ID: 998F8FFF65D5691B2273AFCB65FECCF9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TaiNhacHay.US - Tải Xuống Các Bài Hát Mp3, Tải Xuống Miễn Phí Mới Nhất 2021TaiNhacHay.US - Tải Xuống Các Bài Hát Mp3, Tải Xuống Miễn Phí Mới Nhất 2021

Page Statistics

125
Requests

86 %
HTTPS

79 %
IPv6

31
Domains

35
Subdomains

25
IPs

4
Countries

2846 kB
Transfer

7010 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cs.u-on.eu/in.php?u=76513

Search URL Search Domain Scan URL

URL: https://rutgon.me/mokuns

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 57

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY2MzAxOCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjExODc4fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTg3OCIsInBhZ2UiOiJodHRwczovL3RhaW5oYWNoYXkudXMvIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6Ijc1ZjY3ZDAyMGE2YzJjNDU2MWQxY2E0NjcwMzQ1YjBhIn0sImV4dCI6eyJkdCI6MTYzODgzMTYwMzgwMH19 HTTP 302
https://tcimp.zog.link/in/banners?katds_ep=rrA3caYzzjleWbhfMFRzG38EO6u4cgDdcapQC-CLUukP8AcEJoe2K-AFHcjgUjjShbAvWNvoAI0oqu_QUR5iarA9BrcYLyoaGS6coUuyGACfGVex66Tk58N_gsVUctfAXi3e5n14232NKUVCdpNPUE18WhkZeYScwoQQZ8181CKtAAzSgF4BHB9ty_LW_nWoFEu0fw3Nsfhc6ORvGxwTUmX7zCN_e9hAIkYYuzHoKNl9TBzg0oi5hRzx8OJai1_ffN0_10l3Fru-2hf9clmhAKyl-SXcNRdryQR20qHYhueFRH07aDKb-86dtDfStKdaaONsMhlYZw-xUsgtBdt20NndfNTbjyoIQQmdBS-njjnlH4b5ZODFimT5vE6Crdm7Vipcb5UQiDpM_ho6t_YQp-5SQmtWaGPM13_JTFMXfbclytc1e_EuycrcmJHcWqWTKsW6SEPcUVpf HTTP 302
https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.040000&katds_labels=&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14 HTTP 302
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14

Request Chain 63

https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 100

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY2MzAxOCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjExODc4fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTg3OCIsInBhZ2UiOiJodHRwczovLzEzMzd4Mi54eXovIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6Ijc3MGVjY2U2ODI4NmMxYjcyNWZiNmM1MzI4NzFlMjQzIn0sImV4dCI6eyJkdCI6MTYzODgzMTYwNjQzM319 HTTP 302
https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=770ecce68286c1b725fb6c532871e243&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4= HTTP 302
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw

Request Chain 107

https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 109

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY2MzAxOCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjExODc4fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTg3OCIsInBhZ2UiOiJodHRwczovL3RhaW5oYWNoYXkudXMvIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6Ijc1ZjY3ZDAyMGE2YzJjNDU2MWQxY2E0NjcwMzQ1YjBhIn0sImV4dCI6eyJkdCI6MTYzODgzMTYwMzgwMH19 HTTP 302
https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=75f67d020a6c2c4561d1ca4670345b0a&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4= HTTP 302
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw

Request Chain 111

https://nghetaitruyen.aino.pk/filedownload/2375551/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg HTTP 302
https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg

125 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tainhachay.us/ 44 KB
12 KB 1030ms
857ms Document
text/html 2606:4700:3033::6815:f54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:f54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acf137af3e303c4d781898efe19ab0b3c8910515986799fe46fa1c2f29a454f7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

date: Mon, 06 Dec 2021 23:00:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
expires: Mon, 06 Dec 2021 23:09:28 GMT
cache-control: public
pragma: no-cache
last-modified: Mon, 06 Dec 2021 22:59:28 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucl7CscHfktd9LUsegXZI8lGs8azVROXUzNy9IVgdOc4qXRWnQ7ITV2iF18mtp3YKI4aunUMLfFBgxa8XGlCgGrnVYpZ7USL2T7iZAStvV5qSZWMDzFqW1WzOjBWVu%2FHn1k9%2BOJr0CTwJWTI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920be8f63817a-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
5 KB 285ms
123ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 711, 617, 617
age: 18458224
cdn-cachedat: 2021-05-03 12:02:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7106d808e7f3fd7e56dc6ca3bd98f420
cf-ray: 6b9920c50b0aec52-DFW
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 350ms
113ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:33:33 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 455ms
218ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Dec 2022 06:29:25 GMT

GET
H2 200 style.css
fastcdn.jdi5.com/css/nhacdj.wapkiz.com/ 7 KB
2 KB 270ms
105ms Stylesheet
text/css 2606:4700:3036::ac43:9c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: 5400a57a5051b8e339aa10ba25409f825aa52e50ce5e5f867772ec7666e2602a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-powered-by: PHP/7.4.0RC6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 22:59:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOqTbntCutLrlgLoGQ8czVtItY0MDmgIGCgew7%2BYegW%2BQKagXIig1%2BIbUBlCuBEm0u33pJCYH%2FttFWMK0SHxGMHrLbzdInYj7pk0oPeIXp1r0FYER3MfPxxtTWr4ZmsVxRMM3GsWmmakvNSHMrBp"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
cf-polished: origSize=7606
cf-ray: 6b9920c50c71814f-DFW
cf-bgj: minify

GET
H2 200 waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js Show response
yqmxfz.com/pw/ 146 KB
56 KB 284ms
114ms Script
application/javascript 2606:4700:3036::ac43:c555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd89c9e7d6048ee176b38666f2003a0d976bce1c643c5a56139e553b2ff28a33

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: da9bd4a7cc53e633c559fc77d7ee5945
age: 31
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 22:59:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZg0DZEgaelXtyfrIVQcgg4XZsKTCMKgNZ6B0entzgvRfJ%2BH%2BgBeBWHNyAja7sr7EWp4TiJaJfcqY2HDU26XQp2chY29utiHS6VG%2FqLoOSK4HNXqPFOVNnGSd7KSOb6q7wk1BK29%2FDCE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://tainhachay.us
cache-control: max-age=14400
cf-ray: 6b9920c85d6f55c0-DFW

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 378ms
131ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca60e9251383538dd4e5d724cbf4f26acd7c1888b7fc7ea88be59c45e3ccb287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61824
x-xss-protection: 0
expires: Mon, 06 Dec 2021 23:00:02 GMT

GET
H/1.1 200
OK js.php Show response
cs.u-on.eu/ 302 B
509 B 484ms
158ms Script
application/x-javascript 163.172.215.201
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.u-on.eu/js.php?u=76513
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-215-201.rev.poneytelecom.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cba8021d40885cd127e578ef3519b60fe58018c97992bf06d4958572b750d770

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:01 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 205

GET
H2 200 online.js Show response
counter.jdi5.com/ 3 KB
2 KB 266ms
101ms Script
application/javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/online.js
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8181823
cf-polished: origSize=4463
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 19 Mar 2021 16:57:56 GMT
server: cloudflare
etag: W/"6054d814-116f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA4I%2F4HOr5BNQ27lPiRiqmS8pCxqz4Ls3dYgzG3KnMaYrW5uL3lxGBRZX0U4PDhU4882CrMLlcyA9Ck0%2Bhf56K6FLcMqK3Bb31Zq0oaXJs%2FeqxWtboWKJKLdVKbm08J1ClrGRxURjiMzytdu%2BHe5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6b9920c50e872f19-DFW
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 473ms
235ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5a06b873144ea51bdac8574b7da792811cc74e892bdd036be776969e21d1fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36167
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 23:00:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 368ms
130ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo

Requested by

Host: fastcdn.jdi5.com
URL: https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ed9f306dbc0a60b775ccf447f0753f26560c57f71e6e39c131f1df4ade86433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://fastcdn.jdi5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 23:00:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 23:00:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 23:00:02 GMT

GET
H/1.1 200
OK 1699111 Show response
ad.a-ads.com/ Frame D8E7 6 KB
2 KB 528ms
181ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1699111?size=320x100

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Dec 2021 23:00:02 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://tainhachay.us/
Content-Encoding: gzip

GET
H2 200 wnload Show response
yfetyg.com/ 0
128 B 490ms
160ms Fetch
application/javascript 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsImQiOiJ0YWluaGFjaGF5LnVzIiwibGkiOjF9&tz=0&if=0
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 23:00:02 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 283 B
432 B 295ms
112ms Fetch
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6927b4a6789de5a2e3ad959130de87e09bfdcb72fc62115c435febacf386fa7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6b9920cc486a0c13-DFW
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 350ms
113ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tainhachay.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 17:31:06 GMT
x-content-type-options: nosniff
age: 451736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 17:31:06 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/ 17 KB
17 KB 424ms
190ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66ebd4ac253961eb0f81cd79787f1121e7dca85ecd5ad4ea4b513b43f7eb3332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tainhachay.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:55:30 GMT
x-content-type-options: nosniff
age: 457472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16952
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:06 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:55:30 GMT

GET
BLOB 200
OK 6e82032f-72a9-43f4-87fd-539eb64f7715
https://tainhachay.us/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tainhachay.us/6e82032f-72a9-43f4-87fd-539eb64f7715
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H/1.1 200
OK 1699111 Show response
ad.a-ads.com/ Frame F4F1 6 KB
2 KB 179ms
179ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1699111?size=320x100

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Dec 2021 23:00:02 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://tainhachay.us/
Content-Encoding: gzip

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 180ms
93ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin: https://tainhachay.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 617, 617, 617
age: 172187
cdn-cachedat: 2021-06-08 10:21:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44432
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6f0b5ab211583213a6925a3e8e68e60c
accept-ranges: bytes
cf-ray: 6b9920cbdc1c2836-DFW
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK c.php
cs.u-on.eu/ 393 B
634 B 162ms
162ms Image
image/png 163.172.215.201
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.u-on.eu/c.php?u=76513&rjs=%3F**1600x1200&ljs=https%3A%2F%2Ftainhachay.us%2F
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-215-201.rev.poneytelecom.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 483b61aab2517acf9fd9c941dfa23bb50b600822433794052d9d1dd14ff7b5fa

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:02 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 393
Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 362ms
116ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2287
date: Mon, 06 Dec 2021 22:21:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 00:21:55 GMT

GET
H2 200 fc.php Show response
counter.jdi5.com/ 49 B
401 B 1115ms
1115ms Script
application/x-javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/fc.php?id=dd49e6ba9eba68d577b1c27e55d021d7&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&ref=&pn=https%3A%2F%2Ftainhachay.us%2F&wh=1600x1200&rand=57
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73690468d47d18015acd2ae64d297cd325b6588e23edc9c6d12592526a1c1273

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbG2j83Gsc%2FIrrs732Jp9WBnGjIl09M%2B3Di94089okdMdQ1EPt6ETIsStyQ6weeJjXt9qFbBaCRS5u7KZSLm9mxMSufFaF%2FL5hhHcoQR2pzZUCEle%2BiWhF4tbNDvSs2A04H76snSuyXl5G3TxSSX"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 6b9920cbaba42f19-DFW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

submit.php Show response
1337x2.xyz/ Frame 5C1A
Redirect Chain

https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27
https://1337x2.xyz/submit.php

345 B
754 B

573ms
380ms

Document
text/html

2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQz29h7fRwjTdOXnN6ySJgSGCEUYhG5YOcRYOQBzxJ%2FqQtUZrZ%2BLxTFOegjGeiaB4IjSVfqFW3KStfU5A0gNxf%2FmPJLuLbgeeIw1LJJ%2F%2Fy5GeLXgJkv%2FFdCou41hOU2N1TRpoMZjGITt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920d08c0a816a-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-type: text/html; charset=UTF-8
location: https://1337x2.xyz/submit.php
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t387jw4Ih30YUFZublt7ctcqsYTZfW97%2BK7ouKPHSRGR896LrUR1ESdDsuoyJDmJIbxz%2Fo4Io7innEgIr3gQ0csjUsZRMsg%2FkllN7sRnmKA1JzdSS1b9KxievKhdgQvB04kXPoIOLh8ISSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920ccdfc5ec52-DFW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
tainhachay.us/ Frame 437A 44 KB
11 KB 720ms
720ms Document
text/html 2606:4700:3033::6815:f54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tainhachay.us/

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:f54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad031b78237d16f15269da1375864b47de6ffd5fb5caad4309d5c400cee4f371

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
expires: Mon, 06 Dec 2021 23:09:28 GMT
cache-control: public
pragma: no-cache
last-modified: Mon, 06 Dec 2021 22:59:28 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8g0X2Hz4JdEkex0nU1W9WqHIk%2BlWBbKnAV%2BpyCNZUtlIFEc1tjmxLWeE96fs8PmnEFGF9wXptN18KH2kD4AKz%2FZPcQYxNusT0y%2FEViWVp3AUoicsLk7vWgomKEx20BQU8rPkGZGsnGSvllJS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920cbbb7f817a-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/319492/ Frame D8E7 97 KB
98 KB 647ms
304ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:02 GMT
Last-Modified: Mon, 06 Dec 2021 11:34:44 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: S173HV67D0ZX2HJM
ETag: "3eaed3fe434808810cf7e5b48879b777"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 99707
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2: 5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 411ms
203ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GJ11EDJFL9&gtm=2oec10&_p=571259918&sr=1600x1200&ul=en-us&cid=397816071.1638831603&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sid=1638831602&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tainhachay.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tainhachay.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 250ms
131ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d91726619e3a826e7f0ee795f192f1cec70bca40a48bf2c55cfb9b5f8130417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36190
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 23:00:02 GMT

GET
DATA 200
OK truncated
/ Frame D8E7 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/319492/ Frame F4F1 97 KB
98 KB 647ms
302ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:03 GMT
Last-Modified: Mon, 06 Dec 2021 11:34:44 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: S173HV67D0ZX2HJM
ETag: "3eaed3fe434808810cf7e5b48879b777"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 99707
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2: 5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame F4F1 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 451 B
598 B 254ms
83ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:02 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/ 7 KB
7 KB 236ms
116ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2852d2462d64cf4179aa9397380ee32b82fea35d0a79dfd9ad94cca5cde0859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tainhachay.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:30:16 GMT
x-content-type-options: nosniff
age: 167387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6688
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 05 Dec 2022 00:30:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 249ms
126ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=571259918&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=1758037433&gjid=388162901&cid=397816071.1638831603&tid=UA-46789381-10&_gid=1531865707.1638831603&_r=1&_slc=1&z=1487912194

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tainhachay.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tainhachay.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 241ms
125ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=571259918&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1748989015&gjid=1665839328&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&_r=1&gtm=2ouc10&z=622937967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tainhachay.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tainhachay.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 227ms
113ms Image
image/gif 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=571259918&t=event&_s=2&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tainhachay.us&ea=tainhachay.us&el=tainhachay.us&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&gtm=2ouc10&cg1=tainhachay.us&z=2142010507

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 12:18:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38489
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 76 KB
28 KB 256ms
84ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c3b4f77d5381aed1035dfd325c92572507530e8f732002a7613caee1774a532a

Request headers

Referer: https://tainhachay.us/
Origin: https://tainhachay.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 10:57:04 GMT
server: nginx/1.18.0
etag: W/"61a9f800-12e6c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:03 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 363ms
130ms XHR
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46789381-15&cid=397816071.1638831603&jid=1748989015&gjid=1665839328&_gid=1531865707.1638831603&_u=YADAAUABAAAAAC~&z=566976597

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tainhachay.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Dec 2021 23:00:03 GMT
content-type: text/plain
access-control-allow-origin: https://tainhachay.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
438 B 362ms
129ms XHR
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46789381-10&cid=397816071.1638831603&jid=1758037433&gjid=388162901&_gid=1531865707.1638831603&_u=IADAAEAAAAAAAC~&z=1060522625

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tainhachay.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Dec 2021 23:00:03 GMT
content-type: text/plain
access-control-allow-origin: https://tainhachay.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame 437A 21 KB
5 KB 194ms
111ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 711, 617, 617
age: 18458226
cdn-cachedat: 2021-05-03 12:02:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7106d808e7f3fd7e56dc6ca3bd98f420
cf-ray: 6b9920d0cffa8163-DFW
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 437A 91 KB
32 KB 236ms
115ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:33:33 GMT

GET
H3 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ Frame 437A 223 KB
59 KB 241ms
121ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Dec 2022 06:29:25 GMT

GET
H3 200 style.css
fastcdn.jdi5.com/css/nhacdj.wapkiz.com/ Frame 437A 7 KB
2 KB 101ms
101ms Stylesheet
text/css 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: 5400a57a5051b8e339aa10ba25409f825aa52e50ce5e5f867772ec7666e2602a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34
x-powered-by: PHP/7.4.0RC6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 22:59:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F47fucr4km7QxMrjyI1yER9GZfqJajmZBQpjGgyJK2bZXU7FhdN2kCYM0hK2S8JwG8GdT%2F8QupvF4xrXJnKwL0tKxol5OUOSTbne2KMJ%2BgG%2Fs2gye1WEkEroFi%2FcD2XTaIyrnOd016mBWqKFoNyk"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
cf-polished: origSize=7606
cf-ray: 6b9920d04dd228ab-DFW
cf-bgj: minify

GET
H3 200 waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js Show response
yqmxfz.com/pw/ Frame 437A 146 KB
56 KB 222ms
127ms Script
application/javascript 2606:4700:3036::ac43:c555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd89c9e7d6048ee176b38666f2003a0d976bce1c643c5a56139e553b2ff28a33

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: da9bd4a7cc53e633c559fc77d7ee5945
age: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 22:59:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2VeLffvGRIoxU688Q6BZ60h1oSXZKVQub69WyQfVXSPeXTb519FL3EqhTkCNUblmqyVof6sBJcwPtdJucyNLZ1WYLr5Ddnl0cEezEMFc%2FMNs9Hp%2BTKOj47Ch6f62bOvvLnBL8ar0y%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://tainhachay.us
cache-control: max-age=14400
cf-ray: 6b9920d35c5b0bff-DFW

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 437A 163 KB
60 KB 133ms
132ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ed08cb5cc454b867ea14268279a4fe72cd2583d119959241899265bd0bf2d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61845
x-xss-protection: 0
expires: Mon, 06 Dec 2021 23:00:03 GMT

GET
H/1.1 200
OK js.php Show response
cs.u-on.eu/ Frame 437A 302 B
508 B 163ms
163ms Script
application/x-javascript 163.172.215.201
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.u-on.eu/js.php?u=76513
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-215-201.rev.poneytelecom.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cba8021d40885cd127e578ef3519b60fe58018c97992bf06d4958572b750d770

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:03 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 205

GET
H3 200 online.js Show response
counter.jdi5.com/ Frame 437A 3 KB
2 KB 98ms
98ms Script
application/javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/online.js
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8181825
cf-polished: origSize=4463
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 19 Mar 2021 16:57:56 GMT
server: cloudflare
etag: W/"6054d814-116f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3VRmXcvdekuh9wt8Fugc86qLQnWWsUhW6P3cNFdPQsrE6Y7zgnVM4X7jV1YkmmuNwGhZ5vqzNjDWqsg7%2F0g2G9Ue8Lrckt3BfbFW6xsKMICnv0itJSaLn5o%2FWurf7GsX1iwxuYsyP%2BBR1rW6B%2BA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6b9920d04dd528ab-DFW
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 437A 90 KB
35 KB 168ms
168ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e25546647979751db83ff8bcf88950356f081b82919e6d1ad3ca93688430d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36169
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 23:00:03 GMT

GET
H2 200 5380 Show response
na.nawpush.com/tags/ 619 B
537 B 251ms
81ms XHR
text/plain 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5380
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: aef5a06805b71a34c37e45b967d67aaf1391df3ed2613b84a88e4c4f6e2cc7f3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 23:00:03 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 84ms
84ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:03 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 track Show response
metricswpsh.com/in/ 0
193 B 517ms
169ms XHR
text/plain 168.119.25.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3OTMzMjk3MDEyMzA0MzMxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTEuMCIsInRhZ19pZCI6NTM4MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowfQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:03 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 13 KB
5 KB 273ms
88ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:05:52 GMT
server: nginx/1.18.0
etag: W/"617aae40-32b9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:03 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 10 KB
4 KB 250ms
83ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b140feb2368ebae9a4a45d927f1b07c77e343aae3cc7a3522f100a0d37e55eab

Request headers

Referer: https://tainhachay.us/
Origin: https://tainhachay.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 12:53:40 GMT
server: nginx/1.18.0
etag: W/"61a77054-27d0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:03 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 368ms
131ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-10&cid=397816071.1638831603&jid=1758037433&_u=IADAAEAAAAAAAC~&z=2066743206

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 366ms
130ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-15&cid=397816071.1638831603&jid=1748989015&_u=YADAAUABAAAAAC~&z=1890324835

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FF0000.png
imgcdn1.jdi5.com/img/ 128 B
537 B 96ms
95ms Image
image/png 2606:4700:3036::ac43:9c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2373848
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 128
last-modified: Tue, 09 Nov 2021 11:35:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGHYoGIzDR6z%2BLSnoEDS5pS6D9YKrOsDUxrZTqvx6%2B7%2F%2F0t7w%2Bqh30WaRyLViCtCF1unfpKUFN1ujBR81tFOHUtV%2Bk42dZr5%2BaMhnPzpLOPZ8pnlbAAjmHzF56RAnbZBvh%2BxWG6d%2BZ6fU9kBgVK5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9920d2afb4814f-DFW
expires: Wed, 09 Nov 2022 11:35:55 GMT

POST
H3 200 / Show response
1337x2.xyz/ Frame 5C1A 355 B
838 B 504ms
398ms Document
text/html 2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 5183e8686cc20c1163b6f88b76a0a186066d6c4a2a69e56d89b9f3a4924df29f

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Mon, 06 Dec 2021 23:00:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfvIq%2FnfCnS%2B0C%2FH%2BmaoqC8NRMN5AYR3wEivNB8u2Mhxm%2F22%2BladuBW%2BrvunHTJGC%2FfG86y5m7NTunN7w8paMHKgL6zX61Qnj90q5nD5fc2C3OmiTlJlYDUJ74CemcCTW1gDOhKkPcvG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920d3ba3a2fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ Frame 437A 7 KB
735 B 249ms
130ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo

Requested by

Host: fastcdn.jdi5.com
URL: https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ed9f306dbc0a60b775ccf447f0753f26560c57f71e6e39c131f1df4ade86433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://fastcdn.jdi5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 23:00:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 23:00:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 23:00:03 GMT

GET
H/1.1 200
OK 1699111 Show response
ad.a-ads.com/ Frame A67D 6 KB
2 KB 177ms
177ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1699111?size=320x100

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Dec 2021 23:00:03 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://tainhachay.us/
Content-Encoding: gzip

GET
H2

200

ls Show response
stream.vast.wtf/yt/ Frame 16A7
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY...
https://tcimp.zog.link/in/banners?katds_ep=rrA3caYzzjleWbhfMFRzG38EO6u4cgDdcapQC-CLUukP8AcEJoe2K-AFHcjgUjjShbAvWNvoAI0oqu_QUR5iarA9BrcYLyoaGS6coUuyGACfGVex66Tk58N_gsVUctfAXi3e5n14232NKUVCdpNPUE18Wh...
https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.040000&katds_labels=&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1...

5 KB
3 KB

388ms
222ms

Document
text/html

2606:4700:3036::6815:2206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbc1d23b68353dba50fe546bd25eec8abadeb688a53624cb8df4e72cfe492c96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsqXyjR33EvgbQNbcFs9XqecL2x95QPzrnCuirD%2FVokWXt7mwfe3wS%2BTS3G%2BGedOjTi44aT%2BPJBYoi%2F9gJ%2Bx29dDuqSjBZOpp%2FYvLYTjja%2FNc1MMeacloBv0s8iHB5fvGRHTNGvC7hYrRF40sK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920de6843679c-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Mon, 06 Dec 2021 23:00:05 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/319492/ Frame A67D 97 KB
98 KB 176ms
176ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:03 GMT
Last-Modified: Mon, 06 Dec 2021 11:34:44 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: S173HV67D0ZX2HJM
ETag: "3eaed3fe434808810cf7e5b48879b777"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 99707
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2: 5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1699111 Show response
ad.a-ads.com/ Frame A2D2 6 KB
2 KB 187ms
187ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1699111?size=320x100

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Dec 2021 23:00:04 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://tainhachay.us/
Content-Encoding: gzip

GET
H/1.1 200
OK c.php
cs.u-on.eu/ Frame 437A 391 B
632 B 161ms
161ms Image
image/png 163.172.215.201
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.u-on.eu/c.php?u=76513&rjs=https%3A%2F%2Ftainhachay.us%2F%3F**1600x1200&ljs=https%3A%2F%2Ftainhachay.us%2F
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-215-201.rev.poneytelecom.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 449bc31ec664d74976a43b6c8f35f10cc4ce94be905d3c4e4cf92f4b788b7fe8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:04 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 391
Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 437A 49 KB
20 KB 112ms
112ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2289
date: Mon, 06 Dec 2021 22:21:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 00:21:55 GMT

GET
H3 200 fc.php Show response
counter.jdi5.com/ Frame 437A 49 B
608 B 1376ms
1376ms Script
application/x-javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/fc.php?id=dd49e6ba9eba68d577b1c27e55d021d7&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&ref=https%3A%2F%2Ftainhachay.us%2F&pn=https%3A%2F%2Ftainhachay.us%2F%23&wh=1600x1200&rand=63
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73690468d47d18015acd2ae64d297cd325b6588e23edc9c6d12592526a1c1273

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMZXR6jUWisQ9htUuD7QL9TDUoz9RF%2FzyHd0Khx6EtBLle%2Fp3qrVYcG%2BjHDBgZCWHPmAPmBmj8w9GE5BkFSr1hT4GMtNgtnkJ00m4dEQxWJujMpCVhNVGcUuzkt8ynx5lOhLzvq0ZR4E5EJUSVLJ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 6b9920d4cdf528ab-DFW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

submit.php Show response
1337x2.xyz/ Frame 8A12
Redirect Chain

https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27
https://1337x2.xyz/submit.php

345 B
716 B

384ms
383ms

Document
text/html

2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

date: Mon, 06 Dec 2021 23:00:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9iS7RWEQ0LuLPoVtH53vNx7TUvj4dTCyAiod4crX59lywegjf9qVdahiFi1mgGjN%2FQwgMlCqnVPRVj2a8BoFDeO3ZyVJr7uu5%2Fxx9qXbJmzKTCfgH8kUGnEy%2BBrPH5bAUrwufC9dAsX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920d7ca572fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 06 Dec 2021 23:00:04 GMT
content-type: text/html; charset=UTF-8
location: https://1337x2.xyz/submit.php
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF2vw9XWHnWOBOCDkh246jCfazripUxvAEObRVVFLwtUW%2BzTifcldvIEE2nJLyRpZYNVa92lJOqPJuO2YGbfaJ4B6YREgbQasqkVDoQ%2BkzyGxvTneZEjhaPxYkA1dFLBGMVYZ%2B5p4apOjpY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920d55de72877-DFW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 437A 90 KB
35 KB 127ms
126ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfdb3dbf59739013469663a73f5cf5443f2c06733ad8acc5807bff7dc7a4569b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36188
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 23:00:04 GMT

GET
H2 200 wnload Show response
yfetyg.com/ Frame 437A 0
127 B 165ms
164ms Fetch
application/javascript 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsImQiOiJ0YWluaGFjaGF5LnVzIiwibGkiOjF9&tz=0&if=1
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 23:00:04 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 204 oZjAwMDZZUlVDUwINCQIBUwgA Show response
d1esebcdm6wx7j.cloudfront.net/ Frame 437A 0
293 B 335ms
160ms Script
text/plain 2600:9000:21ea:2200:15:c747:87c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1esebcdm6wx7j.cloudfront.net/oZjAwMDZZUlVDUwINCQIBUwgA
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:2200:15:c747:87c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:04 GMT
via: 1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-id: zhGU73qh-ALD8CzuSVveZvO7ewqgsRUguP1k8oKg04YI13a4ftyBwg==

GET
BLOB 200
OK adeb46c2-85fe-45c8-b5a7-735a9d78729c
https://tainhachay.us/ Frame 437A 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tainhachay.us/adeb46c2-85fe-45c8-b5a7-735a9d78729c
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 437A 2 B
22 B 126ms
125ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=321815229&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-10&_gid=1531865707.1638831603&_slc=1&z=45701488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tainhachay.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tainhachay.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 437A 35 B
55 B 112ms
112ms Image
image/gif 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=321815229&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&gtm=2ouc10&z=2047742030

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 12:18:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 437A 35 B
55 B 113ms
113ms Image
image/gif 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=321815229&t=event&_s=2&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=&je=0&ec=tainhachay.us&ea=tainhachay.us&el=tainhachay.us&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&gtm=2ouc10&cg1=tainhachay.us&z=1044818289

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 12:18:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/319492/ Frame A2D2 97 KB
98 KB 183ms
183ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:04 GMT
Last-Modified: Mon, 06 Dec 2021 11:34:44 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: S173HV67D0ZX2HJM
ETag: "3eaed3fe434808810cf7e5b48879b777"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 99707
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2: 5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 / Show response
1337x2.xyz/sub/42/0/ Frame 5C1A 3 KB
2 KB 250ms
250ms Document
text/html 2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/sub/42/0/
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 2c614af4a4f47e851f2db41f2c3896682ff7dd66c464903962906ac9d4af3aab

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Mon, 06 Dec 2021 23:00:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BEOtX9WvCa1c5%2FKIWAEGZD9jwlap3wU2g35JQhb0gyxvjaqwZyDQ5n8%2BwprgvJny8%2BvF2hsbk05Mipm7PQ5HG8t6AacTlWIXkIm%2Fn9MUhOhj7WuMHCCYtGrYC7ydw9CHyEwIaRDGPE4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920d719192fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5C1A 90 KB
35 KB 140ms
140ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e450ad54f09c663888f4af6c1e65f8e688fab4fdf5b6a95f41834f7c808b3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36168
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 23:00:04 GMT

GET
H3 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js Show response
yqmxfz.com/pw/ Frame 5C1A 146 KB
56 KB 103ms
102ms Script
application/javascript 2606:4700:3036::ac43:c555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b482ac0d51dbe763832e72e96adb288550d827d0360a7085ddaae016247b4114

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: fec252b1ce30324c595df2f486cf6a7c
age: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 22:59:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGDHinFAxp2gKI80mFlDsMyuzLVHH5HmUpVvz8wwObYNssb79wfHffTQ6SlbvOBEHBhfmKwvZmYzs1fIV%2FaZfaUz47iGCa9h1xENwXlIjiFikyyYCrNSOQH5QKXysHvDWSurYsMKaSTR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=14400
cf-ray: 6b9920d8be530bff-DFW

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame 5C1A 8 KB
4 KB 254ms
83ms Script
application/javascript 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 39edd961f3081f0c8658023a33f4272951357f15
date: Mon, 06 Dec 2021 23:00:04 GMT
content-encoding: gzip
age: 163
x-cache: HIT
content-length: 3497
x-served-by: cache-dal21249-DAL
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: F93C:7A93:B8A59:17331D:619DF193
x-timer: S1638831605.764339,VS0,VE1
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 24 Nov 2021 08:07:10 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5C1A 49 KB
20 KB 113ms
113ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2289
date: Mon, 06 Dec 2021 22:21:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 00:21:55 GMT

GET
H2 200 wnload Show response
yfetyg.com/ Frame 5C1A 0
127 B 169ms
168ms Fetch
application/javascript 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 23:00:05 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ Frame 5C1A 283 B
331 B 94ms
93ms Fetch
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398c8f241f8a1d33dccb17aacb940c807860fa903f52b60c691eb535a6f6022c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6b9920db6eac0c13-DFW
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 98916c1b-1bed-4fe4-a3bd-5bc32e9200fc
https://1337x2.xyz/ Frame 5C1A 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/98916c1b-1bed-4fe4-a3bd-5bc32e9200fc
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

POST
H3 200 / Show response
1337x2.xyz/ Frame 8A12 359 B
800 B 251ms
250ms Document
text/html 2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: ab5dce5dce629c311054495294d567cfa75afb1381720c53c992f64a33b94f48

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mp1jPctikxTNN1R%2Bki5kdC973U925Ke%2B6dxG9wak2iDC7FSYacOy3thaTaZYLyS5TLazgSmTzuqNFld3Wi4krjRnaN%2B9YGTZ8YEb5lNrmbA9HgEb6D2qgUCOVs8Obb2Uuw4cvc8jm3P%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920db897d2fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 oZjAwMDZZUlVDUwINCQIBUwgA Show response
d1esebcdm6wx7j.cloudfront.net/ Frame 5C1A 0
300 B 95ms
95ms Script
text/plain 2600:9000:21ea:2200:15:c747:87c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1esebcdm6wx7j.cloudfront.net/oZjAwMDZZUlVDUwINCQIBUwgA
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:2200:15:c747:87c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:33 GMT
via: 1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
age: 32
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: EWR50-C1
x-amz-cf-id: KoCqGV_Gx8txSQzaFyGpelRUiLjCGA0KWN4SE1nQXQxvTAc6m4NrPA==

POST
H3 200 / Show response
1337x2.xyz/user/bone111/ Frame 8A12 3 KB
2 KB 252ms
251ms Document
text/html 2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/user/bone111/
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 41748e786a5e736c2b5d0390d2b362e8cb4689bd0854b2a4d833bfef74aa1302

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvh8uMZtrW2zMKXBMLpIZdI8p%2F9DWJYKzBI7Sk5v9RWaXJA%2BJ8JcarnLCBSZz4VJbWHmgcjRf%2FoC6QLTdy5NQgmQiM9PgnxrnGiv1TjtcrhyDrbpMQllaBdh5V8ZXekBHWEPvkxjn1tc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920dd2c922fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 FF0000.png
imgcdn1.jdi5.com/img/ Frame 437A 128 B
756 B 98ms
98ms Image
image/png 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2373850
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 128
last-modified: Tue, 09 Nov 2021 11:35:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq%2FFQ9jXD1yKnUX7VvHkPoDSsN%2FFFCb6yfkS6fyanMp55NWT%2FSFXFSylHGV56KXZy5RJen9ndVPRFKaTiiEVsUmzisdp9Ncbz%2BtonL5SvxWYhKROHyeyj9zjzmbPtVEm0E3bjxQBkMxat%2BuSxWf4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9920dd6f8b28ab-DFW
expires: Wed, 09 Nov 2022 11:35:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8A12 90 KB
35 KB 136ms
136ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2eb97be0ca7a4944963a9d01e2c2a8e44b18d6dbe062ff7ddddd880172d0090a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36167
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 23:00:05 GMT

GET
H3 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js Show response
yqmxfz.com/pw/ Frame 8A12 146 KB
56 KB 108ms
108ms Script
application/javascript 2606:4700:3036::ac43:c555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b482ac0d51dbe763832e72e96adb288550d827d0360a7085ddaae016247b4114

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: fec252b1ce30324c595df2f486cf6a7c
age: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 22:59:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2YvPvKSL5Bol61PCu%2FLQ%2BWUXtdUHOWj8r07q8WujTwIg5ZeQllts6%2BbFCWYXL0R2YalcrmSW5XMjlcAvr5wZ%2BsTnWw%2Bgx20h%2BZfiraRN%2BEENv%2F4087dO0VYkJDPbN1QUOanTXu9MWEM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=14400
cf-ray: 6b9920decbe10bff-DFW

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame 8A12 8 KB
4 KB 86ms
85ms Script
application/javascript 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 7e72b48a613d4720a19708dbc3fb9007be59fecc
date: Mon, 06 Dec 2021 23:00:05 GMT
content-encoding: gzip
age: 164
x-cache: HIT
content-length: 3497
x-served-by: cache-dal21249-DAL
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: F93C:7A93:B8A59:17331D:619DF193
x-timer: S1638831606.566131,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 24 Nov 2021 08:07:10 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 2

GET
H2 200 wnload Show response
yfetyg.com/ Frame 8A12 0
127 B 164ms
163ms Fetch
application/javascript 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 23:00:05 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ Frame 8A12 283 B
309 B 105ms
105ms Fetch
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ec3e849c2c3cbb2b4e52b254c9c01a9a59ff9355a1c9e9a6c51ce93a102fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6b9920e14b360c13-DFW
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 0dda8e6d-0ab2-4414-be5b-6fb3fe3dc5ca
https://1337x2.xyz/ Frame 8A12 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/0dda8e6d-0ab2-4414-be5b-6fb3fe3dc5ca
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8A12 49 KB
20 KB 116ms
116ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2291
date: Mon, 06 Dec 2021 22:21:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 00:21:55 GMT

GET
H3 200 bundle5.js Show response
stream.vast.wtf/files/ytls/ Frame 16A7 2 MB
619 KB 291ms
192ms Script
application/javascript 2606:4700:3036::6815:2206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.vast.wtf/files/ytls/bundle5.js
Requested by: Host: stream.vast.wtf
URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecdf4ae5f5c9297579dbe49dc256ca07afa3c768f723a8bfac5b9a9f749baede

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5593
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Nov 2021 07:55:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2V6IfUGzvI0pdn0GzzQBUuWIjwWxSRU3V3On8MKmmYRNRxOIOG13j8U3YXjJB5P4YryhdOyQTB6gYSluT9%2FhYCVZQfqX0XV2My90h7E2Itl%2FU6OlS%2BAm5sogu0Z1QILvEz2gFd8qXK6Yjgrsc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b9920e21aab66d1-DFW
cf-bgj: minify

GET
H2 200 tbz.jpg
12007250.pix-cdn.org/native/tmp/ Frame 16A7 20 KB
21 KB 323ms
128ms Image
image/jpeg 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://12007250.pix-cdn.org/native/tmp/tbz.jpg

Requested by

Host: stream.vast.wtf
URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a500f83955139786d6ad6b9c95cbe603dceb315cf5c87005cfcf3fe2b199c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://stream.vast.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5816789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20782
last-modified: Thu, 30 Sep 2021 13:59:58 GMT
server: cloudflare
etag: "6155c2de-512e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B546ndgGprCUHvbZALwlV%2F0HrYlTy0LMzXIBNPwHkcxrgn6WLfUf1KCBrDut0Xj%2BXaVO%2FX3EkewGMqN1etXv7rSctlBu603TGOYvJiC1WiJwFHubuFbil%2FqzA1R"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6b99112ef89c7fe1-IAD
x-proxy-cache: HIT
expires: Tue, 07 Dec 2021 00:00:06 GMT

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ Frame 8A12 451 B
597 B 85ms
84ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:06 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ Frame 8A12 76 KB
28 KB 97ms
96ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c3b4f77d5381aed1035dfd325c92572507530e8f732002a7613caee1774a532a

Request headers

Referer: https://1337x2.xyz/
Origin: https://1337x2.xyz
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 10:57:04 GMT
server: nginx/1.18.0
etag: W/"61a9f800-12e6c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:06 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 5380 Show response
na.nawpush.com/tags/ Frame 8A12 619 B
536 B 82ms
82ms XHR
text/plain 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5380
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: aef5a06805b71a34c37e45b967d67aaf1391df3ed2613b84a88e4c4f6e2cc7f3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 23:00:06 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ Frame 8A12 0
238 B 84ms
83ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:06 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 track Show response
metricswpsh.com/in/ Frame 8A12 0
192 B 186ms
186ms XHR
text/plain 168.119.25.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjUyMDM0MjA4MTY4MDk1MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjExLjAiLCJ0YWdfaWQiOjUzODAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MH0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:06 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ Frame 8A12 13 KB
5 KB 86ms
85ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:05:52 GMT
server: nginx/1.18.0
etag: W/"617aae40-32b9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:06 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ Frame 8A12 10 KB
4 KB 84ms
83ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b140feb2368ebae9a4a45d927f1b07c77e343aae3cc7a3522f100a0d37e55eab

Request headers

Referer: https://1337x2.xyz/
Origin: https://1337x2.xyz
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 12:53:40 GMT
server: nginx/1.18.0
etag: W/"61a77054-27d0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 00:00:06 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3

200

ls
stream.vast.wtf/yt/ Frame D858
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY...
https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=770ecce68286c1b725fb6c532871e243&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4=
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1...

0
0

230ms
230ms

Document
text/html

2606:4700:3036::6815:2206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Mon, 06 Dec 2021 23:00:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xixeQwiZErfUY3XZ0yVNh30P5EJY8hqkhBMImsCa%2BXhMbxPaTmW1RFWb1b5pxRL%2BAHm1IuRBbMpL5muTniAsEg7Dy19RwbIPhM7yo07pLrGi1sDer0RVpf1OE1XOnJi0oZPHoA567xzSTWw4tKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920e6acfa66d1-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Mon, 06 Dec 2021 23:00:06 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *

GET /
vs.javcosplay.com/sts/ Frame 16A7 0
0

GET bundle6.js
stream.vast.wtf/files/ytls/ Frame 6796 0
0

GET
H/1.1 200
OK c.php
cs.u-on.eu/ 390 B
631 B 177ms
177ms Image
image/png 163.172.215.201
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.u-on.eu/c.php?u=76513&rjs=%3F**1600x1200&ljs=https%3A%2F%2Ftainhachay.us%2F
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-215-201.rev.poneytelecom.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 74b5019fec8510532b4021ecfbdace057a8090c56eb563e1054dc3372dfd02ef

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:07 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 390
Content-Type: image/png

POST collect
www.google-analytics.com/g/ Frame 437A 0
0

GET
H/1.1 200
OK 1699111 Show response
ad.a-ads.com/ Frame F463 6 KB
2 KB 180ms
180ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1699111?size=320x100

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

e6a0e7518367ceaafa98eb2fcbfdb0bdc66ac106b4eb47982eb3c766b7a149f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Dec 2021 23:00:07 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://tainhachay.us/
Content-Encoding: gzip

GET
H/1.1 200
OK 1699111 Show response
ad.a-ads.com/ Frame 1A98 6 KB
2 KB 360ms
181ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1699111?size=320x100

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Dec 2021 23:00:07 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://tainhachay.us/
Content-Encoding: gzip

GET
H3

200

submit.php Show response
1337x2.xyz/ Frame 86FB
Redirect Chain

https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27
https://1337x2.xyz/submit.php

345 B
720 B

250ms
250ms

Document
text/html

2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

date: Mon, 06 Dec 2021 23:00:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oau2BiXfM7KSfUCRPB6oyF4P7%2BkQdFkqvQpujdL1IlyO7lDGfPSA%2BPlYvkul6LPc0L%2BO05VilFxQA7mgk%2BELD%2F7TdiQPEs4vXP8GTloccOT5Pu7DLnz3KC0i4aduvYInXMwn6We%2FhSp6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920ed2bfe2fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 06 Dec 2021 23:00:07 GMT
content-type: text/html; charset=UTF-8
location: https://1337x2.xyz/submit.php
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV%2ByPfayw213RLZOp8tjEaWRdICxDrw9FsEXpyKNvLvqCxS6JIK8grYhXXl6VNMC9ENY2FKFaHJ929E3flauF%2Bx7mtxzLasOyFxmVHDvYgvI5xIbf5EGOQKqtHXuWBXBZJasGbZH9SLLpCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920ebaa5b2877-DFW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 /
tainhachay.us/ Frame 6B10 43 KB
0 856ms
856ms Document
text/html 2606:4700:3033::6815:f54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tainhachay.us/

Requested by

Host: tainhachay.us
URL: https://tainhachay.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:f54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

date: Mon, 06 Dec 2021 23:00:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
expires: Mon, 06 Dec 2021 23:09:28 GMT
cache-control: public
pragma: no-cache
last-modified: Mon, 06 Dec 2021 22:59:28 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWn9bIydaqz0t8kGGYTsEDXu7ghmorJKag33MIUo3R5GXnZBHVd5TjZrECe1SD4m4mdUgsJaZW7nzDBzkiYafKkSfiwwbSBs%2FvcnP6gnAQWrrnrrbH0R%2FaFKV4c0Hxq51Rz54gFMtok2NEw0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920ebabd0c7ee-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

ls Show response
stream.vast.wtf/yt/ Frame 998F
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY...
https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=75f67d020a6c2c4561d1ca4670345b0a&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4=
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1...

5 KB
3 KB

240ms
240ms

Document
text/html

2606:4700:3036::6815:2206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df71a2edd9fecb972acfb44fa91c8eb2456e4e424039a41ee45dab262ebc8028

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/

Response headers

date: Mon, 06 Dec 2021 23:00:08 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASgHO5kWZogBtsyTGpdGu0oY6NblnnnImQJPt5cOQGxH59ZxmwBoSKBh1XJkIoJs7TH80k%2B2He8fiPbGl62S64EfK%2BWWiJvNVK4fnmlMUYp8mROUyzoaHLVx9X%2F9ZzeQLCLyJP%2BWZNfW477f%2BTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920edeef266d1-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Mon, 06 Dec 2021 23:00:08 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ad2090f0621999104947850b2f170e36f6326b49d895bb3709181cec8a3cd3f

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/
Redirect Chain

https://nghetaitruyen.aino.pk/filedownload/2375551/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg

24 KB
25 KB

252ms
89ms

Image
image/gif

2606:4700:3038::6815:ea45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H2
Server: 2606:4700:3038::6815:ea45 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: df8f4ca8b711f4c2ba235b234bab9acd7aa2de8d40195f24301b644b144fa4c3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tainhachay.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24889
last-modified: Mon, 06 Dec 2021 22:59:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKoLPZQMMsDlgpkE2AZNt9ynJ5aUkXSbAj%2BtEegjX8e5HtRcn1ax0yic6Bbi3YJpU6a21%2ByGauO73Jb5TzIg9Y9afZiFFRSpGU7uz1dObEtkqQCgHzekxl36Pyn9vhf%2BIUAGmG18QuOhxyQvLLgJCqLa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6b9920f09b58671f-DFW

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 23:00:08 GMT
Server: nginx
location: https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 135ms
134ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GJ11EDJFL9&gtm=2oec10&_p=571259918&sr=1600x1200&ul=en-us&cid=397816071.1638831603&_s=2&dl=https%3A%2F%2Ftainhachay.us%2F&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sid=1638831602&sct=1&seg=0&en=tainhachay.us&_et=21&ep.event_category=tainhachay.us&ep.event_label=tainhachay.us
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tainhachay.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:00:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tainhachay.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/118283/ Frame F463 223 KB
0 307ms
307ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/118283/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:07 GMT
Last-Modified: Sun, 26 Apr 2020 08:04:42 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: AAKV2HGK5BVDS4T1
ETag: "1763aab6b854e56cd527a753bf570c68"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 536399
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: sIOihSO9skGRM5mfwdOrxFkH_ks0V5go
x-amz-id-2: VQJj2o/DCZq8Pt8cJTLc0jYLHQdyzEt7bbkiy6z09gvaFsZINtw5K3XvF1ksWw89jBoEL+0CNek=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame F463 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/319492/ Frame 1A98 97 KB
98 KB 294ms
294ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 23:00:08 GMT
Last-Modified: Mon, 06 Dec 2021 11:34:44 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: S173HV67D0ZX2HJM
ETag: "3eaed3fe434808810cf7e5b48879b777"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 99707
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2: 5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 1A98 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 / Show response
1337x2.xyz/ Frame 86FB 361 B
806 B 248ms
248ms Document
text/html 2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 7fd61fdc55ecaae7490bbbddb37dac943bb6ae61a6dfe81d86de2b49029d962c

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Mon, 06 Dec 2021 23:00:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PouYaR4fwafTNOvJNoBl431hcSjB872DiD2JdgQMlKPxDelW3CgZTFZ58EjH3Ihls51Ddqzs2blgf5NGAuAqEdIBG%2FoJ25Dktthx%2BURP%2ByeYrBLrOK8J5MismwDb%2BoZ9oSz%2FNJNXFvow"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920eecf682fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 bundle5.js
stream.vast.wtf/files/ytls/ Frame 998F 2 MB
619 KB 106ms
105ms Script
application/javascript 2606:4700:3036::6815:2206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.vast.wtf/files/ytls/bundle5.js
Requested by: Host: stream.vast.wtf
URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:00:08 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5595
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Nov 2021 07:55:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq8IVC8xtaRIChSqzkW0D9maSVwZtZDnyuNTekJzRJ0dTfNqmYtf2SO2yeYV2zxKqKMWroZOGFIGwH9A2sAxieF%2FeCtczqV4XWN0lfPh7E61%2Ft0AO%2FGYe2P5v6sdpMtqU7chN4X3vJmsrO2ATt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b9920f00c4466d1-DFW
cf-bgj: minify

GET tbz.jpg
12007250.pix-cdn.org/native/tmp/ Frame 998F 0
0

POST
H3 200 /
1337x2.xyz/user/MoviesFD7/ Frame 86FB 0
0 257ms
256ms Document
text/html 2606:4700:3037::ac43:9bec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/user/MoviesFD7/
Requested by: Host: tainhachay.us
URL: https://tainhachay.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Mon, 06 Dec 2021 23:00:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvhNyGcqlLjuwgylTMfk9n0HSNBF55htqdVwmlQzt9unMNlN5eTANf8g43rB6r6pGjXZ1X4I1IdOMiMC%2FTIPF6GjiL5VnkwQjb3ucZT%2F6tt3ed9i8XUGM9e3S1M%2Bdo6tC6NO%2Fg1UIinM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9920f06af52fbd-DFW
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame 6B10 0
0

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 6B10 0
0

GET jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ Frame 6B10 0
0

GET style.css
fastcdn.jdi5.com/css/nhacdj.wapkiz.com/ Frame 6B10 0
0

GET waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/ Frame 6B10 0
0

GET js
www.googletagmanager.com/gtag/ Frame 6B10 0
0

GET js.php
cs.u-on.eu/ Frame 6B10 0
0

GET online.js
counter.jdi5.com/ Frame 6B10 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vs.javcosplay.com
URL: https://vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14&type=impression&g_referer=https://tainhachay.us

Domain: stream.vast.wtf
URL: https://stream.vast.wtf/files/ytls/bundle6.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GJ11EDJFL9&gtm=2oec10&_p=321815229&sr=1600x1200&ul=en-us&cid=397816071.1638831603&dl=https%3A%2F%2Ftainhachay.us%2F&dr=https%3A%2F%2Ftainhachay.us%2F&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sid=1638831602&sct=1&seg=1&_s=1

Domain: 12007250.pix-cdn.org
URL: https://12007250.pix-cdn.org/native/tmp/tbz.jpg

Domain: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Domain: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Domain: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Domain: fastcdn.jdi5.com
URL: https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css

Domain: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9

Domain: cs.u-on.eu
URL: https://cs.u-on.eu/js.php?u=76513

Domain: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tainhachay.us/	1969-12-31 23:59:59	Name: tainhachay_us Value: 479bcbdb6771c1394ee7e8cb8e86fc5c
tainhachay.us/	1970-01-19 23:57:03	Name: _rce Value: US
.tainhachay.us/	1970-01-19 23:15:18	Name: _gid Value: GA1.2.1531865707.1638831603
.tainhachay.us/	1970-01-19 23:13:51	Name: _gat Value: 1
.tainhachay.us/	1970-01-19 23:13:51	Name: _gat_gtag_UA_46789381_15 Value: 1
.tainhachay.us/	1970-01-20 16:45:03	Name: _ga Value: GA1.2.397816071.1638831603
tcimp.zog.link/	1970-01-19 23:15:18	Name: 750.0 Value: 1
tb.baimgfroggd.site/	1970-01-19 23:15:18	Name: 1816.1132713 Value: 1
.tainhachay.us/	1970-01-20 16:45:03	Name: _ga_GJ11EDJFL9 Value: GS1.1.1638831602.1.1.1638831605.0
tb.baimgfroggd.site/	1970-01-19 23:15:18	Name: 1739.1132653 Value: 1
tb.baimgfroggd.site/	1970-01-19 23:15:18	Name: 1739.1132713 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12007250.pix-cdn.org
1337x2.xyz
ad.a-ads.com
ad.jetx.info
afarkas.github.io
ajax.googleapis.com
cloudflare.com
counter.jdi5.com
cs.u-on.eu
d1esebcdm6wx7j.cloudfront.net
dl7.wapkizfile.info
fastcdn.jdi5.com
fonts.googleapis.com
fonts.gstatic.com
imgcdn1.jdi5.com
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
metricswpsh.com
na.nawpush.com
netdna.bootstrapcdn.com
nghetaitruyen.aino.pk
rtbbnr.com
static.a-ads.com
stats.g.doubleclick.net
stream.vast.wtf
tainhachay.us
tb.baimgfroggd.site
tcimp.zog.link
vs.javcosplay.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
yfetyg.com
yqmxfz.com
12007250.pix-cdn.org
ajax.googleapis.com
counter.jdi5.com
cs.u-on.eu
fastcdn.jdi5.com
netdna.bootstrapcdn.com
stream.vast.wtf
vs.javcosplay.com
www.google-analytics.com
www.googletagmanager.com
yqmxfz.com
136.243.4.18
163.172.215.201
168.119.25.18
2600:9000:21ea:2200:15:c747:87c0:21
2606:4700:3030::ac43:d46f
2606:4700:3032::6815:28ba
2606:4700:3033::6815:f54
2606:4700:3036::6815:2206
2606:4700:3036::ac43:9c4b
2606:4700:3036::ac43:c555
2606:4700:3037::ac43:9bec
2606:4700:3038::6815:ea45
2606:4700::6810:85e5
2606:4700::6812:bcf
2606:50c0:8001::153
2607:f8b0:4006:807::200e
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2008
2607:f8b0:4006:823::2003
2607:f8b0:4023:1404::9d
2a01:4f8:252:564d::2
2a02:128:7:5241::2
2a02:128:7:5242::2
2a02:b4a:1:7::9166:1
45.133.44.24
45.133.44.25
45.14.224.146
08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d
0a500f83955139786d6ad6b9c95cbe603dceb315cf5c87005cfcf3fe2b199c2e
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1ad2090f0621999104947850b2f170e36f6326b49d895bb3709181cec8a3cd3f
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c614af4a4f47e851f2db41f2c3896682ff7dd66c464903962906ac9d4af3aab
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
2d91726619e3a826e7f0ee795f192f1cec70bca40a48bf2c55cfb9b5f8130417
2eb97be0ca7a4944963a9d01e2c2a8e44b18d6dbe062ff7ddddd880172d0090a
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
398c8f241f8a1d33dccb17aacb940c807860fa903f52b60c691eb535a6f6022c
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
41748e786a5e736c2b5d0390d2b362e8cb4689bd0854b2a4d833bfef74aa1302
449bc31ec664d74976a43b6c8f35f10cc4ce94be905d3c4e4cf92f4b788b7fe8
483b61aab2517acf9fd9c941dfa23bb50b600822433794052d9d1dd14ff7b5fa
5183e8686cc20c1163b6f88b76a0a186066d6c4a2a69e56d89b9f3a4924df29f
5400a57a5051b8e339aa10ba25409f825aa52e50ce5e5f867772ec7666e2602a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
66ebd4ac253961eb0f81cd79787f1121e7dca85ecd5ad4ea4b513b43f7eb3332
6927b4a6789de5a2e3ad959130de87e09bfdcb72fc62115c435febacf386fa7c
73690468d47d18015acd2ae64d297cd325b6588e23edc9c6d12592526a1c1273
74b5019fec8510532b4021ecfbdace057a8090c56eb563e1054dc3372dfd02ef
7ed08cb5cc454b867ea14268279a4fe72cd2583d119959241899265bd0bf2d3d
7ed9f306dbc0a60b775ccf447f0753f26560c57f71e6e39c131f1df4ade86433
7fd61fdc55ecaae7490bbbddb37dac943bb6ae61a6dfe81d86de2b49029d962c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8e25546647979751db83ff8bcf88950356f081b82919e6d1ad3ca93688430d27
8e450ad54f09c663888f4af6c1e65f8e688fab4fdf5b6a95f41834f7c808b3f3
8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
97ec3e849c2c3cbb2b4e52b254c9c01a9a59ff9355a1c9e9a6c51ce93a102fc7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab5dce5dce629c311054495294d567cfa75afb1381720c53c992f64a33b94f48
acf137af3e303c4d781898efe19ab0b3c8910515986799fe46fa1c2f29a454f7
ad031b78237d16f15269da1375864b47de6ffd5fb5caad4309d5c400cee4f371
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef5a06805b71a34c37e45b967d67aaf1391df3ed2613b84a88e4c4f6e2cc7f3
b140feb2368ebae9a4a45d927f1b07c77e343aae3cc7a3522f100a0d37e55eab
b482ac0d51dbe763832e72e96adb288550d827d0360a7085ddaae016247b4114
bd89c9e7d6048ee176b38666f2003a0d976bce1c643c5a56139e553b2ff28a33
c3b4f77d5381aed1035dfd325c92572507530e8f732002a7613caee1774a532a
c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e
ca60e9251383538dd4e5d724cbf4f26acd7c1888b7fc7ea88be59c45e3ccb287
cba8021d40885cd127e578ef3519b60fe58018c97992bf06d4958572b750d770
cfdb3dbf59739013469663a73f5cf5443f2c06733ad8acc5807bff7dc7a4569b
dbc1d23b68353dba50fe546bd25eec8abadeb688a53624cb8df4e72cfe492c96
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df71a2edd9fecb972acfb44fa91c8eb2456e4e424039a41ee45dab262ebc8028
df8f4ca8b711f4c2ba235b234bab9acd7aa2de8d40195f24301b644b144fa4c3
e2852d2462d64cf4179aa9397380ee32b82fea35d0a79dfd9ad94cca5cde0859
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a0e7518367ceaafa98eb2fcbfdb0bdc66ac106b4eb47982eb3c766b7a149f3
e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef
ecdf4ae5f5c9297579dbe49dc256ca07afa3c768f723a8bfac5b9a9f749baede
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf
f5a06b873144ea51bdac8574b7da792811cc74e892bdd036be776969e21d1fd2

tainhachay.us Open in urlscan Pro 2606:4700:3033::6815:f54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

125 Requests

86 %HTTPS

79 %IPv6

31 Domains

35 Subdomains

25 IPs

4 Countries

2846 kBTransfer

7010 kBSize

11 Cookies

2 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tainhachay.us Open in urlscan Pro
2606:4700:3033::6815:f54 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

86 %
HTTPS

79 %
IPv6

31
Domains

35
Subdomains

25
IPs

4
Countries

2846 kB
Transfer

7010 kB
Size

11
Cookies

125 HTTP transactions
5 data transactions