URL: https://tainhachay.us/
Submission: On December 06 via automatic, source rescanner — Scanned from US

Summary

This website contacted 25 IPs in 4 countries across 31 domains to perform 125 HTTP transactions. The main IP is 2606:4700:3033::6815:f54, located in United States and belongs to CLOUDFLARENET, US. The main domain is tainhachay.us.
TLS certificate: Issued by R3 on December 6th 2021. Valid for: 3 months.
This is the only time tainhachay.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
5 163.172.215.201 12876 (Online SAS)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
12 136.243.4.18 24940 (HETZNER-AS)
4 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
3 3 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
9 45.133.44.25 7018 (ATT-INTER...)
2 2607:f8b0:402... 15169 (GOOGLE)
4 45.133.44.24 39572 (ADVANCEDH...)
2 168.119.25.18 24940 (HETZNER-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
3 3 2a01:4f8:252:... 24940 (HETZNER-AS)
1 1 2a02:128:7:52... 50245 (SERVEREL-AS)
3 3 2a02:128:7:52... 50245 (SERVEREL-AS)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:9000:21e... 16509 (AMAZON-02)
2 2606:50c0:800... 54113 (FASTLY)
1 1 45.14.224.146 ()
1 2606:4700:303... ()
125 25
Domain Requested by
12 www.google-analytics.com counter.jdi5.com, www.googletagmanager.com, www.google-analytics.com, tainhachay.us
9 1337x2.xyz tainhachay.us
8 www.googletagmanager.com tainhachay.us, www.googletagmanager.com, 1337x2.xyz
6 js.wpadmngr.com yqmxfz.com, js.wpadmngr.com
6 static.a-ads.com ad.a-ads.com
6 ad.a-ads.com tainhachay.us
5 stream.vast.wtf js.cabnnr.com, stream.vast.wtf, tainhachay.us
5 cs.u-on.eu tainhachay.us
4 yfetyg.com yqmxfz.com
4 counter.jdi5.com tainhachay.us, counter.jdi5.com
4 yqmxfz.com tainhachay.us, 1337x2.xyz
4 ajax.googleapis.com tainhachay.us
3 tb.baimgfroggd.site 3 redirects
3 rtbbnr.com 3 redirects
3 ad.jetx.info 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 cloudflare.com yqmxfz.com
3 netdna.bootstrapcdn.com tainhachay.us, netdna.bootstrapcdn.com
3 tainhachay.us tainhachay.us
2 afarkas.github.io 1337x2.xyz
2 d1esebcdm6wx7j.cloudfront.net yqmxfz.com
2 imgcdn1.jdi5.com tainhachay.us, counter.jdi5.com
2 www.google.com tainhachay.us
2 js.cabnnr.com js.wpadmngr.com
2 js.wpushsdk.com js.wpadmngr.com
2 metricswpsh.com js.wpadmngr.com
2 na.nawpush.com js.wpadmngr.com
2 stats.g.doubleclick.net www.google-analytics.com
2 fonts.googleapis.com fastcdn.jdi5.com
2 fastcdn.jdi5.com tainhachay.us
1 dl7.wapkizfile.info tainhachay.us
1 nghetaitruyen.aino.pk 1 redirects
1 12007250.pix-cdn.org stream.vast.wtf
1 tcimp.zog.link 1 redirects
0 vs.javcosplay.com Failed stream.vast.wtf
125 35

This site contains links to these domains.

Domain
cs.u-on.eu
rutgon.me
Subject Issuer Validity Valid
*.tainhachay.us R3 2021-12-06 - 2022-03-06 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2021-03-01 - 2022-02-28 a year
upload.video.google.com GTS CA 1C3 2021-11-01 - 2022-01-24 3 months
*.google-analytics.com GTS CA 1C3 2021-11-01 - 2022-01-24 3 months
cs.u-on.eu R3 2021-10-24 - 2022-01-22 3 months
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA 2020-12-02 - 2022-01-02 a year
yfetyg.com R3 2021-10-19 - 2022-01-17 3 months
cloudflare.com Cloudflare Inc ECC CA-3 2021-06-04 - 2022-06-03 a year
*.gstatic.com GTS CA 1C3 2021-11-08 - 2022-01-31 3 months
js.wpadmngr.com R3 2021-11-18 - 2022-02-16 3 months
*.g.doubleclick.net GTS CA 1C3 2021-11-01 - 2022-01-24 3 months
na.nawpush.com R3 2021-10-14 - 2022-01-12 3 months
notification.tubecup.net R3 2021-11-30 - 2022-02-28 3 months
js.wpushsdk.com R3 2021-11-18 - 2022-02-16 3 months
js.cabnnr.com R3 2021-10-29 - 2022-01-27 3 months
www.google.com GTS CA 1C3 2021-11-01 - 2022-01-24 3 months
*.cloudfront.net Amazon 2021-03-19 - 2022-03-17 a year
www.github.com DigiCert SHA2 High Assurance Server CA 2020-05-06 - 2022-04-14 2 years
12007250.pix-cdn.org R3 2021-12-01 - 2022-03-01 3 months

This page contains 16 frames:

Primary Page: https://tainhachay.us/
Frame ID: 7DFE8A4EDC4E81444B56590A62537A5F
Requests: 42 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: D8E7F31702531817FFD4C554958A79CD
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: F4F18E4BDB23D0C312295E3521EB4094
Requests: 3 HTTP requests in this frame

Frame: https://1337x2.xyz/sub/42/0/
Frame ID: 5C1A76AEE4990187B8A8027749D15367
Requests: 11 HTTP requests in this frame

Frame: https://tainhachay.us/
Frame ID: 437A6F2A8CA93BDFA6C8E32C918E5776
Requests: 23 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: A67D01DE3C19139C1653E56E9912D619
Requests: 2 HTTP requests in this frame

Frame: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Frame ID: 16A7F7D0186671A545470272D8904F8E
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: A2D2A5ED4DF75F36C5C8C76FEF85589E
Requests: 2 HTTP requests in this frame

Frame: https://1337x2.xyz/user/bone111/
Frame ID: 8A129D74BA676FF514F666088077D159
Requests: 17 HTTP requests in this frame

Frame: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Frame ID: D858DC1E459B143D866DB41942129650
Requests: 1 HTTP requests in this frame

Frame: https://stream.vast.wtf/files/ytls/bundle6.js
Frame ID: 67968A4EFDEBAD26960EADCD5CDBB82E
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: F463EC74A4FB969E410A0D9FBC00C2EC
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1699111?size=320x100
Frame ID: 1A98C5B5D133BE65CD81EB455FF84B29
Requests: 3 HTTP requests in this frame

Frame: https://1337x2.xyz/user/MoviesFD7/
Frame ID: 86FB3861EF8377A8A8947430774ECA81
Requests: 3 HTTP requests in this frame

Frame: https://tainhachay.us/
Frame ID: 6B102884B922CABE61674BC1AD57A309
Requests: 9 HTTP requests in this frame

Frame: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Frame ID: 998F8FFF65D5691B2273AFCB65FECCF9
Requests: 3 HTTP requests in this frame

Page Title

TaiNhacHay.US - Tải Xuống Các Bài Hát Mp3, Tải Xuống Miễn Phí Mới Nhất 2021

Page Statistics

Requests: 125
HTTPS: 86 %
IPv6: 79 %
Domains: 31
Subdomains: 35
IPs: 25
Countries: 4
Transfer: 2846 kB
Size: 7010 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27 HTTP 302
  • https://1337x2.xyz/submit.php
Request Chain 57
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY2MzAxOCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjExODc4fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTg3OCIsInBhZ2UiOiJodHRwczovL3RhaW5oYWNoYXkudXMvIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6Ijc1ZjY3ZDAyMGE2YzJjNDU2MWQxY2E0NjcwMzQ1YjBhIn0sImV4dCI6eyJkdCI6MTYzODgzMTYwMzgwMH19 HTTP 302
  • https://tcimp.zog.link/in/banners?katds_ep=rrA3caYzzjleWbhfMFRzG38EO6u4cgDdcapQC-CLUukP8AcEJoe2K-AFHcjgUjjShbAvWNvoAI0oqu_QUR5iarA9BrcYLyoaGS6coUuyGACfGVex66Tk58N_gsVUctfAXi3e5n14232NKUVCdpNPUE18WhkZeYScwoQQZ8181CKtAAzSgF4BHB9ty_LW_nWoFEu0fw3Nsfhc6ORvGxwTUmX7zCN_e9hAIkYYuzHoKNl9TBzg0oi5hRzx8OJai1_ffN0_10l3Fru-2hf9clmhAKyl-SXcNRdryQR20qHYhueFRH07aDKb-86dtDfStKdaaONsMhlYZw-xUsgtBdt20NndfNTbjyoIQQmdBS-njjnlH4b5ZODFimT5vE6Crdm7Vipcb5UQiDpM_ho6t_YQp-5SQmtWaGPM13_JTFMXfbclytc1e_EuycrcmJHcWqWTKsW6SEPcUVpf HTTP 302
  • https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.040000&katds_labels=&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14 HTTP 302
  • https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Request Chain 63
  • https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27 HTTP 302
  • https://1337x2.xyz/submit.php
Request Chain 100
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY2MzAxOCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjExODc4fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTg3OCIsInBhZ2UiOiJodHRwczovLzEzMzd4Mi54eXovIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6Ijc3MGVjY2U2ODI4NmMxYjcyNWZiNmM1MzI4NzFlMjQzIn0sImV4dCI6eyJkdCI6MTYzODgzMTYwNjQzM319 HTTP 302
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=770ecce68286c1b725fb6c532871e243&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4= HTTP 302
  • https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Request Chain 107
  • https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27 HTTP 302
  • https://1337x2.xyz/submit.php
Request Chain 109
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY2MzAxOCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjExODc4fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTg3OCIsInBhZ2UiOiJodHRwczovL3RhaW5oYWNoYXkudXMvIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6Ijc1ZjY3ZDAyMGE2YzJjNDU2MWQxY2E0NjcwMzQ1YjBhIn0sImV4dCI6eyJkdCI6MTYzODgzMTYwMzgwMH19 HTTP 302
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=75f67d020a6c2c4561d1ca4670345b0a&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4= HTTP 302
  • https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Request Chain 111
  • https://nghetaitruyen.aino.pk/filedownload/2375551/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg HTTP 302
  • https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg

125 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
tainhachay.us/
44 KB
12 KB
Document
General
Full URL
https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:f54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf137af3e303c4d781898efe19ab0b3c8910515986799fe46fa1c2f29a454f7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 06 Dec 2021 23:00:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
expires
Mon, 06 Dec 2021 23:09:28 GMT
cache-control
public
pragma
no-cache
last-modified
Mon, 06 Dec 2021 22:59:28 GMT
access-control-allow-origin
*
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucl7CscHfktd9LUsegXZI8lGs8azVROXUzNy9IVgdOc4qXRWnQ7ITV2iF18mtp3YKI4aunUMLfFBgxa8XGlCgGrnVYpZ7USL2T7iZAStvV5qSZWMDzFqW1WzOjBWVu%2FHn1k9%2BOJr0CTwJWTI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920be8f63817a-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
711, 617, 617
age
18458224
cdn-cachedat
2021-05-03 12:02:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7106d808e7f3fd7e56dc6ca3bd98f420
cf-ray
6b9920c50b0aec52-DFW
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 19:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Dec 2022 19:33:33 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/
223 KB
59 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60529
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Dec 2022 06:29:25 GMT
style.css
fastcdn.jdi5.com/css/nhacdj.wapkiz.com/
7 KB
2 KB
Stylesheet
General
Full URL
https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.0RC6
Resource Hash
5400a57a5051b8e339aa10ba25409f825aa52e50ce5e5f867772ec7666e2602a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
x-powered-by
PHP/7.4.0RC6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 22:59:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOqTbntCutLrlgLoGQ8czVtItY0MDmgIGCgew7%2BYegW%2BQKagXIig1%2BIbUBlCuBEm0u33pJCYH%2FttFWMK0SHxGMHrLbzdInYj7pk0oPeIXp1r0FYER3MfPxxtTWr4ZmsVxRMM3GsWmmakvNSHMrBp"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=14400
cf-polished
origSize=7606
cf-ray
6b9920c50c71814f-DFW
cf-bgj
minify
waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/
146 KB
56 KB
Script
General
Full URL
https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd89c9e7d6048ee176b38666f2003a0d976bce1c643c5a56139e553b2ff28a33

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
da9bd4a7cc53e633c559fc77d7ee5945
age
31
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 22:59:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZg0DZEgaelXtyfrIVQcgg4XZsKTCMKgNZ6B0entzgvRfJ%2BH%2BgBeBWHNyAja7sr7EWp4TiJaJfcqY2HDU26XQp2chY29utiHS6VG%2FqLoOSK4HNXqPFOVNnGSd7KSOb6q7wk1BK29%2FDCE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://tainhachay.us
cache-control
max-age=14400
cf-ray
6b9920c85d6f55c0-DFW
js
www.googletagmanager.com/gtag/
163 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca60e9251383538dd4e5d724cbf4f26acd7c1888b7fc7ea88be59c45e3ccb287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61824
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:00:02 GMT
js.php
cs.u-on.eu/
302 B
509 B
Script
General
Full URL
https://cs.u-on.eu/js.php?u=76513
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-215-201.rev.poneytelecom.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
cba8021d40885cd127e578ef3519b60fe58018c97992bf06d4958572b750d770

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:01 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
205
online.js
counter.jdi5.com/
3 KB
2 KB
Script
General
Full URL
https://counter.jdi5.com/online.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8181823
cf-polished
origSize=4463
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 16:57:56 GMT
server
cloudflare
etag
W/"6054d814-116f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA4I%2F4HOr5BNQ27lPiRiqmS8pCxqz4Ls3dYgzG3KnMaYrW5uL3lxGBRZX0U4PDhU4882CrMLlcyA9Ck0%2Bhf56K6FLcMqK3Bb31Zq0oaXJs%2FeqxWtboWKJKLdVKbm08J1ClrGRxURjiMzytdu%2BHe5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6b9920c50e872f19-DFW
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5a06b873144ea51bdac8574b7da792811cc74e892bdd036be776969e21d1fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36167
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:00:02 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo
Requested by
Host: fastcdn.jdi5.com
URL: https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ed9f306dbc0a60b775ccf447f0753f26560c57f71e6e39c131f1df4ade86433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://fastcdn.jdi5.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:00:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:00:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:00:02 GMT
1699111
ad.a-ads.com/ Frame D8E7
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1699111?size=320x100
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 06 Dec 2021 23:00:02 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tainhachay.us/
Content-Encoding
gzip
wnload
yfetyg.com/
0
128 B
Fetch
General
Full URL
https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsImQiOiJ0YWluaGFjaGF5LnVzIiwibGkiOjF9&tz=0&if=0
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:00:02 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
content-type
application/javascript; charset=utf-8
trace
cloudflare.com/cdn-cgi/
283 B
432 B
Fetch
General
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6927b4a6789de5a2e3ad959130de87e09bfdcb72fc62115c435febacf386fa7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
6b9920cc486a0c13-DFW
expires
Thu, 01 Jan 1970 00:00:01 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tainhachay.us
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:31:06 GMT
x-content-type-options
nosniff
age
451736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 17:31:06 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66ebd4ac253961eb0f81cd79787f1121e7dca85ecd5ad4ea4b513b43f7eb3332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tainhachay.us
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:55:30 GMT
x-content-type-options
nosniff
age
457472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16952
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:06 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:55:30 GMT
6e82032f-72a9-43f4-87fd-539eb64f7715
https://tainhachay.us/
91 B
0
Other
General
Full URL
blob:https://tainhachay.us/6e82032f-72a9-43f4-87fd-539eb64f7715
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
1699111
ad.a-ads.com/ Frame F4F1
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1699111?size=320x100
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 06 Dec 2021 23:00:02 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tainhachay.us/
Content-Encoding
gzip
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/
43 KB
44 KB
Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin
https://tainhachay.us
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
674, 617, 617, 617
age
172187
cdn-cachedat
2021-06-08 10:21:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44432
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6f0b5ab211583213a6925a3e8e68e60c
accept-ranges
bytes
cf-ray
6b9920cbdc1c2836-DFW
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
c.php
cs.u-on.eu/
393 B
634 B
Image
General
Full URL
https://cs.u-on.eu/c.php?u=76513&rjs=%3F**1600x1200&ljs=https%3A%2F%2Ftainhachay.us%2F
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-215-201.rev.poneytelecom.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
483b61aab2517acf9fd9c941dfa23bb50b600822433794052d9d1dd14ff7b5fa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:02 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
393
Content-Type
image/png
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2287
date
Mon, 06 Dec 2021 22:21:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Dec 2021 00:21:55 GMT
fc.php
counter.jdi5.com/
49 B
401 B
Script
General
Full URL
https://counter.jdi5.com/fc.php?id=dd49e6ba9eba68d577b1c27e55d021d7&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&ref=&pn=https%3A%2F%2Ftainhachay.us%2F&wh=1600x1200&rand=57
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73690468d47d18015acd2ae64d297cd325b6588e23edc9c6d12592526a1c1273

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbG2j83Gsc%2FIrrs732Jp9WBnGjIl09M%2B3Di94089okdMdQ1EPt6ETIsStyQ6weeJjXt9qFbBaCRS5u7KZSLm9mxMSufFaF%2FL5hhHcoQR2pzZUCEle%2BiWhF4tbNDvSs2A04H76snSuyXl5G3TxSSX"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cf-ray
6b9920cbaba42f19-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
submit.php
1337x2.xyz/ Frame 5C1A
Redirect Chain
  • https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27
  • https://1337x2.xyz/submit.php
345 B
754 B
Document
General
Full URL
https://1337x2.xyz/submit.php
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQz29h7fRwjTdOXnN6ySJgSGCEUYhG5YOcRYOQBzxJ%2FqQtUZrZ%2BLxTFOegjGeiaB4IjSVfqFW3KStfU5A0gNxf%2FmPJLuLbgeeIw1LJJ%2F%2Fy5GeLXgJkv%2FFdCou41hOU2N1TRpoMZjGITt"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920d08c0a816a-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-type
text/html; charset=UTF-8
location
https://1337x2.xyz/submit.php
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t387jw4Ih30YUFZublt7ctcqsYTZfW97%2BK7ouKPHSRGR896LrUR1ESdDsuoyJDmJIbxz%2Fo4Io7innEgIr3gQ0csjUsZRMsg%2FkllN7sRnmKA1JzdSS1b9KxievKhdgQvB04kXPoIOLh8ISSM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920ccdfc5ec52-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
tainhachay.us/ Frame 437A
44 KB
11 KB
Document
General
Full URL
https://tainhachay.us/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:f54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad031b78237d16f15269da1375864b47de6ffd5fb5caad4309d5c400cee4f371
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
expires
Mon, 06 Dec 2021 23:09:28 GMT
cache-control
public
pragma
no-cache
last-modified
Mon, 06 Dec 2021 22:59:28 GMT
access-control-allow-origin
*
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8g0X2Hz4JdEkex0nU1W9WqHIk%2BlWBbKnAV%2BpyCNZUtlIFEc1tjmxLWeE96fs8PmnEFGF9wXptN18KH2kD4AKz%2FZPcQYxNusT0y%2FEViWVp3AUoicsLk7vWgomKEx20BQU8rPkGZGsnGSvllJS"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920cbbb7f817a-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
320x100
static.a-ads.com/a-ads-banners/319492/ Frame D8E7
97 KB
98 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:02 GMT
Last-Modified
Mon, 06 Dec 2021 11:34:44 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
S173HV67D0ZX2HJM
ETag
"3eaed3fe434808810cf7e5b48879b777"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
99707
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2
5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/g/
0
169 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJ11EDJFL9&gtm=2oec10&_p=571259918&sr=1600x1200&ul=en-us&cid=397816071.1638831603&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sid=1638831602&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tainhachay.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tainhachay.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d91726619e3a826e7f0ee795f192f1cec70bca40a48bf2c55cfb9b5f8130417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36190
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:00:02 GMT
truncated
/ Frame D8E7
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
320x100
static.a-ads.com/a-ads-banners/319492/ Frame F4F1
97 KB
98 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:03 GMT
Last-Modified
Mon, 06 Dec 2021 11:34:44 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
S173HV67D0ZX2HJM
ETag
"3eaed3fe434808810cf7e5b48879b777"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
99707
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2
5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame F4F1
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
adManager.js
js.wpadmngr.com/static/
451 B
598 B
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.js
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:02 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 09:03:43 GMT
server
nginx/1.18.0
etag
W/"6166a0ef-1c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:02 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2852d2462d64cf4179aa9397380ee32b82fea35d0a79dfd9ad94cca5cde0859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tainhachay.us
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 00:30:16 GMT
x-content-type-options
nosniff
age
167387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6688
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 05 Dec 2022 00:30:16 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=571259918&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=1758037433&gjid=388162901&cid=397816071.1638831603&tid=UA-46789381-10&_gid=1531865707.1638831603&_r=1&_slc=1&z=1487912194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tainhachay.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tainhachay.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=571259918&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1748989015&gjid=1665839328&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&_r=1&gtm=2ouc10&z=622937967
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tainhachay.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tainhachay.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=571259918&t=event&_s=2&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tainhachay.us&ea=tainhachay.us&el=tainhachay.us&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&gtm=2ouc10&cg1=tainhachay.us&z=2142010507
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 12:18:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38489
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adManager.m.js
js.wpadmngr.com/static/
76 KB
28 KB
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c3b4f77d5381aed1035dfd325c92572507530e8f732002a7613caee1774a532a

Request headers

Referer
https://tainhachay.us/
Origin
https://tainhachay.us
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 10:57:04 GMT
server
nginx/1.18.0
etag
W/"61a9f800-12e6c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:03 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
collect
stats.g.doubleclick.net/j/
2 B
68 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46789381-15&cid=397816071.1638831603&jid=1748989015&gjid=1665839328&_gid=1531865707.1638831603&_u=YADAAUABAAAAAC~&z=566976597
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tainhachay.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 06 Dec 2021 23:00:03 GMT
content-type
text/plain
access-control-allow-origin
https://tainhachay.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46789381-10&cid=397816071.1638831603&jid=1758037433&gjid=388162901&_gid=1531865707.1638831603&_u=IADAAEAAAAAAAC~&z=1060522625
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tainhachay.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 06 Dec 2021 23:00:03 GMT
content-type
text/plain
access-control-allow-origin
https://tainhachay.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame 437A
21 KB
5 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
711, 617, 617
age
18458226
cdn-cachedat
2021-05-03 12:02:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7106d808e7f3fd7e56dc6ca3bd98f420
cf-ray
6b9920d0cffa8163-DFW
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 437A
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 19:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Dec 2022 19:33:33 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ Frame 437A
223 KB
59 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60529
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Dec 2022 06:29:25 GMT
style.css
fastcdn.jdi5.com/css/nhacdj.wapkiz.com/ Frame 437A
7 KB
2 KB
Stylesheet
General
Full URL
https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.0RC6
Resource Hash
5400a57a5051b8e339aa10ba25409f825aa52e50ce5e5f867772ec7666e2602a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34
x-powered-by
PHP/7.4.0RC6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 22:59:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F47fucr4km7QxMrjyI1yER9GZfqJajmZBQpjGgyJK2bZXU7FhdN2kCYM0hK2S8JwG8GdT%2F8QupvF4xrXJnKwL0tKxol5OUOSTbne2KMJ%2BgG%2Fs2gye1WEkEroFi%2FcD2XTaIyrnOd016mBWqKFoNyk"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=14400
cf-polished
origSize=7606
cf-ray
6b9920d04dd228ab-DFW
cf-bgj
minify
waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/ Frame 437A
146 KB
56 KB
Script
General
Full URL
https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd89c9e7d6048ee176b38666f2003a0d976bce1c643c5a56139e553b2ff28a33

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
da9bd4a7cc53e633c559fc77d7ee5945
age
33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 22:59:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2VeLffvGRIoxU688Q6BZ60h1oSXZKVQub69WyQfVXSPeXTb519FL3EqhTkCNUblmqyVof6sBJcwPtdJucyNLZ1WYLr5Ddnl0cEezEMFc%2FMNs9Hp%2BTKOj47Ch6f62bOvvLnBL8ar0y%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://tainhachay.us
cache-control
max-age=14400
cf-ray
6b9920d35c5b0bff-DFW
js
www.googletagmanager.com/gtag/ Frame 437A
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ed08cb5cc454b867ea14268279a4fe72cd2583d119959241899265bd0bf2d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61845
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:00:03 GMT
js.php
cs.u-on.eu/ Frame 437A
302 B
508 B
Script
General
Full URL
https://cs.u-on.eu/js.php?u=76513
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-215-201.rev.poneytelecom.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
cba8021d40885cd127e578ef3519b60fe58018c97992bf06d4958572b750d770

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:03 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
205
online.js
counter.jdi5.com/ Frame 437A
3 KB
2 KB
Script
General
Full URL
https://counter.jdi5.com/online.js
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8181825
cf-polished
origSize=4463
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 16:57:56 GMT
server
cloudflare
etag
W/"6054d814-116f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3VRmXcvdekuh9wt8Fugc86qLQnWWsUhW6P3cNFdPQsrE6Y7zgnVM4X7jV1YkmmuNwGhZ5vqzNjDWqsg7%2F0g2G9Ue8Lrckt3BfbFW6xsKMICnv0itJSaLn5o%2FWurf7GsX1iwxuYsyP%2BBR1rW6B%2BA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6b9920d04dd528ab-DFW
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ Frame 437A
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e25546647979751db83ff8bcf88950356f081b82919e6d1ad3ca93688430d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36169
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:00:03 GMT
5380
na.nawpush.com/tags/
619 B
537 B
XHR
General
Full URL
https://na.nawpush.com/tags/5380
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
aef5a06805b71a34c37e45b967d67aaf1391df3ed2613b84a88e4c4f6e2cc7f3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:00:03 GMT
cache-control
max-age=300, public
content-type
text/plain; charset=utf-8
server
nginx/1.18.0
content-encoding
gzip
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/
0
238 B
Script
General
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:03 GMT
cache-control
max-age=3600
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
track
metricswpsh.com/in/
0
193 B
XHR
General
Full URL
https://metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3OTMzMjk3MDEyMzA0MzMxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTEuMCIsInRhZ19pZCI6NTM4MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowfQ==
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:03 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
csub.js
js.wpushsdk.com/npc/sdk/wpu/
13 KB
5 KB
Script
General
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 14:05:52 GMT
server
nginx/1.18.0
etag
W/"617aae40-32b9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:03 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
build.m.js
js.cabnnr.com/banner-admanager/
10 KB
4 KB
Script
General
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b140feb2368ebae9a4a45d927f1b07c77e343aae3cc7a3522f100a0d37e55eab

Request headers

Referer
https://tainhachay.us/
Origin
https://tainhachay.us
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 12:53:40 GMT
server
nginx/1.18.0
etag
W/"61a77054-27d0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:03 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-10&cid=397816071.1638831603&jid=1758037433&_u=IADAAEAAAAAAAC~&z=2066743206
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-15&cid=397816071.1638831603&jid=1748989015&_u=YADAAUABAAAAAC~&z=1890324835
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FF0000.png
imgcdn1.jdi5.com/img/
128 B
537 B
Image
General
Full URL
https://imgcdn1.jdi5.com/img/FF0000.png
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2373848
x-powered-by
PHP/5.6.40
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
128
last-modified
Tue, 09 Nov 2021 11:35:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGHYoGIzDR6z%2BLSnoEDS5pS6D9YKrOsDUxrZTqvx6%2B7%2F%2F0t7w%2Bqh30WaRyLViCtCF1unfpKUFN1ujBR81tFOHUtV%2Bk42dZr5%2BaMhnPzpLOPZ8pnlbAAjmHzF56RAnbZBvh%2BxWG6d%2BZ6fU9kBgVK5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6b9920d2afb4814f-DFW
expires
Wed, 09 Nov 2022 11:35:55 GMT
/
1337x2.xyz/ Frame 5C1A
355 B
838 B
Document
General
Full URL
https://1337x2.xyz/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
5183e8686cc20c1163b6f88b76a0a186066d6c4a2a69e56d89b9f3a4924df29f

Request headers

Upgrade-Insecure-Requests
1
Origin
https://1337x2.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/submit.php

Response headers

date
Mon, 06 Dec 2021 23:00:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfvIq%2FnfCnS%2B0C%2FH%2BmaoqC8NRMN5AYR3wEivNB8u2Mhxm%2F22%2BladuBW%2BrvunHTJGC%2FfG86y5m7NTunN7w8paMHKgL6zX61Qnj90q5nD5fc2C3OmiTlJlYDUJ74CemcCTW1gDOhKkPcvG"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920d3ba3a2fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ Frame 437A
7 KB
735 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400|Comfortaa:400,300,700|Boogaloo
Requested by
Host: fastcdn.jdi5.com
URL: https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ed9f306dbc0a60b775ccf447f0753f26560c57f71e6e39c131f1df4ade86433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://fastcdn.jdi5.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:00:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:00:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:00:03 GMT
1699111
ad.a-ads.com/ Frame A67D
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1699111?size=320x100
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 06 Dec 2021 23:00:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tainhachay.us/
Content-Encoding
gzip
ls
stream.vast.wtf/yt/ Frame 16A7
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY...
  • https://tcimp.zog.link/in/banners?katds_ep=rrA3caYzzjleWbhfMFRzG38EO6u4cgDdcapQC-CLUukP8AcEJoe2K-AFHcjgUjjShbAvWNvoAI0oqu_QUR5iarA9BrcYLyoaGS6coUuyGACfGVex66Tk58N_gsVUctfAXi3e5n14232NKUVCdpNPUE18Wh...
  • https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.040000&katds_labels=&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
  • https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1...
5 KB
3 KB
Document
General
Full URL
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc1d23b68353dba50fe546bd25eec8abadeb688a53624cb8df4e72cfe492c96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsqXyjR33EvgbQNbcFs9XqecL2x95QPzrnCuirD%2FVokWXt7mwfe3wS%2BTS3G%2BGedOjTi44aT%2BPJBYoi%2F9gJ%2Bx29dDuqSjBZOpp%2FYvLYTjja%2FNc1MMeacloBv0s8iHB5fvGRHTNGvC7hYrRF40sK8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920de6843679c-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx/1.17.2
date
Mon, 06 Dec 2021 23:00:05 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
pragma
no-cache
vary
*
cache-control
no-cache, no-store, must-revalidate
320x100
static.a-ads.com/a-ads-banners/319492/ Frame A67D
97 KB
98 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:03 GMT
Last-Modified
Mon, 06 Dec 2021 11:34:44 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
S173HV67D0ZX2HJM
ETag
"3eaed3fe434808810cf7e5b48879b777"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
99707
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2
5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1699111
ad.a-ads.com/ Frame A2D2
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1699111?size=320x100
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 06 Dec 2021 23:00:04 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tainhachay.us/
Content-Encoding
gzip
c.php
cs.u-on.eu/ Frame 437A
391 B
632 B
Image
General
Full URL
https://cs.u-on.eu/c.php?u=76513&rjs=https%3A%2F%2Ftainhachay.us%2F%3F**1600x1200&ljs=https%3A%2F%2Ftainhachay.us%2F
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-215-201.rev.poneytelecom.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
449bc31ec664d74976a43b6c8f35f10cc4ce94be905d3c4e4cf92f4b788b7fe8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:04 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
391
Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame 437A
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2289
date
Mon, 06 Dec 2021 22:21:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Dec 2021 00:21:55 GMT
fc.php
counter.jdi5.com/ Frame 437A
49 B
608 B
Script
General
Full URL
https://counter.jdi5.com/fc.php?id=dd49e6ba9eba68d577b1c27e55d021d7&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&ref=https%3A%2F%2Ftainhachay.us%2F&pn=https%3A%2F%2Ftainhachay.us%2F%23&wh=1600x1200&rand=63
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73690468d47d18015acd2ae64d297cd325b6588e23edc9c6d12592526a1c1273

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMZXR6jUWisQ9htUuD7QL9TDUoz9RF%2FzyHd0Khx6EtBLle%2Fp3qrVYcG%2BjHDBgZCWHPmAPmBmj8w9GE5BkFSr1hT4GMtNgtnkJ00m4dEQxWJujMpCVhNVGcUuzkt8ynx5lOhLzvq0ZR4E5EJUSVLJ"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cf-ray
6b9920d4cdf528ab-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
submit.php
1337x2.xyz/ Frame 8A12
Redirect Chain
  • https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27
  • https://1337x2.xyz/submit.php
345 B
716 B
Document
General
Full URL
https://1337x2.xyz/submit.php
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

date
Mon, 06 Dec 2021 23:00:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9iS7RWEQ0LuLPoVtH53vNx7TUvj4dTCyAiod4crX59lywegjf9qVdahiFi1mgGjN%2FQwgMlCqnVPRVj2a8BoFDeO3ZyVJr7uu5%2Fxx9qXbJmzKTCfgH8kUGnEy%2BBrPH5bAUrwufC9dAsX"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920d7ca572fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:00:04 GMT
content-type
text/html; charset=UTF-8
location
https://1337x2.xyz/submit.php
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF2vw9XWHnWOBOCDkh246jCfazripUxvAEObRVVFLwtUW%2BzTifcldvIEE2nJLyRpZYNVa92lJOqPJuO2YGbfaJ4B6YREgbQasqkVDoQ%2BkzyGxvTneZEjhaPxYkA1dFLBGMVYZ%2B5p4apOjpY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920d55de72877-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame 437A
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfdb3dbf59739013469663a73f5cf5443f2c06733ad8acc5807bff7dc7a4569b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36188
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:00:04 GMT
wnload
yfetyg.com/ Frame 437A
0
127 B
Fetch
General
Full URL
https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsImQiOiJ0YWluaGFjaGF5LnVzIiwibGkiOjF9&tz=0&if=1
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:00:04 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
content-type
application/javascript; charset=utf-8
oZjAwMDZZUlVDUwINCQIBUwgA
d1esebcdm6wx7j.cloudfront.net/ Frame 437A
0
293 B
Script
General
Full URL
https://d1esebcdm6wx7j.cloudfront.net/oZjAwMDZZUlVDUwINCQIBUwgA
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:2200:15:c747:87c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:04 GMT
via
1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-id
zhGU73qh-ALD8CzuSVveZvO7ewqgsRUguP1k8oKg04YI13a4ftyBwg==
adeb46c2-85fe-45c8-b5a7-735a9d78729c
https://tainhachay.us/ Frame 437A
91 B
0
Other
General
Full URL
blob:https://tainhachay.us/adeb46c2-85fe-45c8-b5a7-735a9d78729c
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
collect
www.google-analytics.com/j/ Frame 437A
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=321815229&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-10&_gid=1531865707.1638831603&_slc=1&z=45701488
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tainhachay.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tainhachay.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 437A
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=321815229&t=pageview&_s=1&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&gtm=2ouc10&z=2047742030
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 12:18:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38490
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 437A
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=321815229&t=event&_s=2&dl=https%3A%2F%2Ftainhachay.us%2F&ul=en-us&de=UTF-8&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sd=24-bit&sr=1600x1200&vp=&je=0&ec=tainhachay.us&ea=tainhachay.us&el=tainhachay.us&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=397816071.1638831603&tid=UA-46789381-15&_gid=1531865707.1638831603&gtm=2ouc10&cg1=tainhachay.us&z=1044818289
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 12:18:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38490
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
320x100
static.a-ads.com/a-ads-banners/319492/ Frame A2D2
97 KB
98 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:04 GMT
Last-Modified
Mon, 06 Dec 2021 11:34:44 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
S173HV67D0ZX2HJM
ETag
"3eaed3fe434808810cf7e5b48879b777"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
99707
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2
5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
1337x2.xyz/sub/42/0/ Frame 5C1A
3 KB
2 KB
Document
General
Full URL
https://1337x2.xyz/sub/42/0/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
2c614af4a4f47e851f2db41f2c3896682ff7dd66c464903962906ac9d4af3aab

Request headers

Upgrade-Insecure-Requests
1
Origin
https://1337x2.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/

Response headers

date
Mon, 06 Dec 2021 23:00:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BEOtX9WvCa1c5%2FKIWAEGZD9jwlap3wU2g35JQhb0gyxvjaqwZyDQ5n8%2BwprgvJny8%2BvF2hsbk05Mipm7PQ5HG8t6AacTlWIXkIm%2Fn9MUhOhj7WuMHCCYtGrYC7ydw9CHyEwIaRDGPE4"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920d719192fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame 5C1A
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e450ad54f09c663888f4af6c1e65f8e688fab4fdf5b6a95f41834f7c808b3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36168
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:00:04 GMT
waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/ Frame 5C1A
146 KB
56 KB
Script
General
Full URL
https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b482ac0d51dbe763832e72e96adb288550d827d0360a7085ddaae016247b4114

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
fec252b1ce30324c595df2f486cf6a7c
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 22:59:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGDHinFAxp2gKI80mFlDsMyuzLVHH5HmUpVvz8wwObYNssb79wfHffTQ6SlbvOBEHBhfmKwvZmYzs1fIV%2FaZfaUz47iGCa9h1xENwXlIjiFikyyYCrNSOQH5QKXysHvDWSurYsMKaSTR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://1337x2.xyz
cache-control
max-age=14400
cf-ray
6b9920d8be530bff-DFW
lazysizes.min.js
afarkas.github.io/lazysizes/ Frame 5C1A
8 KB
4 KB
Script
General
Full URL
https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id
39edd961f3081f0c8658023a33f4272951357f15
date
Mon, 06 Dec 2021 23:00:04 GMT
content-encoding
gzip
age
163
x-cache
HIT
content-length
3497
x-served-by
cache-dal21249-DAL
access-control-allow-origin
*
last-modified
Mon, 17 May 2021 09:28:46 GMT
server
GitHub.com
x-github-request-id
F93C:7A93:B8A59:17331D:619DF193
x-timer
S1638831605.764339,VS0,VE1
etag
W/"60a2374e-1ed1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 24 Nov 2021 08:07:10 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
x-cache-hits
1
analytics.js
www.google-analytics.com/ Frame 5C1A
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2289
date
Mon, 06 Dec 2021 22:21:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Dec 2021 00:21:55 GMT
wnload
yfetyg.com/ Frame 5C1A
0
127 B
Fetch
General
Full URL
https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:00:05 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
content-type
application/javascript; charset=utf-8
trace
cloudflare.com/cdn-cgi/ Frame 5C1A
283 B
331 B
Fetch
General
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398c8f241f8a1d33dccb17aacb940c807860fa903f52b60c691eb535a6f6022c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
6b9920db6eac0c13-DFW
expires
Thu, 01 Jan 1970 00:00:01 GMT
98916c1b-1bed-4fe4-a3bd-5bc32e9200fc
https://1337x2.xyz/ Frame 5C1A
91 B
0
Other
General
Full URL
blob:https://1337x2.xyz/98916c1b-1bed-4fe4-a3bd-5bc32e9200fc
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
/
1337x2.xyz/ Frame 8A12
359 B
800 B
Document
General
Full URL
https://1337x2.xyz/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
ab5dce5dce629c311054495294d567cfa75afb1381720c53c992f64a33b94f48

Request headers

Upgrade-Insecure-Requests
1
Origin
https://1337x2.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/submit.php

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mp1jPctikxTNN1R%2Bki5kdC973U925Ke%2B6dxG9wak2iDC7FSYacOy3thaTaZYLyS5TLazgSmTzuqNFld3Wi4krjRnaN%2B9YGTZ8YEb5lNrmbA9HgEb6D2qgUCOVs8Obb2Uuw4cvc8jm3P%2B"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920db897d2fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
oZjAwMDZZUlVDUwINCQIBUwgA
d1esebcdm6wx7j.cloudfront.net/ Frame 5C1A
0
300 B
Script
General
Full URL
https://d1esebcdm6wx7j.cloudfront.net/oZjAwMDZZUlVDUwINCQIBUwgA
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:2200:15:c747:87c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 22:59:33 GMT
via
1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
age
32
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
KoCqGV_Gx8txSQzaFyGpelRUiLjCGA0KWN4SE1nQXQxvTAc6m4NrPA==
/
1337x2.xyz/user/bone111/ Frame 8A12
3 KB
2 KB
Document
General
Full URL
https://1337x2.xyz/user/bone111/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
41748e786a5e736c2b5d0390d2b362e8cb4689bd0854b2a4d833bfef74aa1302

Request headers

Upgrade-Insecure-Requests
1
Origin
https://1337x2.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvh8uMZtrW2zMKXBMLpIZdI8p%2F9DWJYKzBI7Sk5v9RWaXJA%2BJ8JcarnLCBSZz4VJbWHmgcjRf%2FoC6QLTdy5NQgmQiM9PgnxrnGiv1TjtcrhyDrbpMQllaBdh5V8ZXekBHWEPvkxjn1tc"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920dd2c922fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
FF0000.png
imgcdn1.jdi5.com/img/ Frame 437A
128 B
756 B
Image
General
Full URL
https://imgcdn1.jdi5.com/img/FF0000.png
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2373850
x-powered-by
PHP/5.6.40
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
128
last-modified
Tue, 09 Nov 2021 11:35:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq%2FFQ9jXD1yKnUX7VvHkPoDSsN%2FFFCb6yfkS6fyanMp55NWT%2FSFXFSylHGV56KXZy5RJen9ndVPRFKaTiiEVsUmzisdp9Ncbz%2BtonL5SvxWYhKROHyeyj9zjzmbPtVEm0E3bjxQBkMxat%2BuSxWf4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6b9920dd6f8b28ab-DFW
expires
Wed, 09 Nov 2022 11:35:55 GMT
js
www.googletagmanager.com/gtag/ Frame 8A12
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2eb97be0ca7a4944963a9d01e2c2a8e44b18d6dbe062ff7ddddd880172d0090a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36167
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:00:05 GMT
waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/ Frame 8A12
146 KB
56 KB
Script
General
Full URL
https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b482ac0d51dbe763832e72e96adb288550d827d0360a7085ddaae016247b4114

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
fec252b1ce30324c595df2f486cf6a7c
age
33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 22:59:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2YvPvKSL5Bol61PCu%2FLQ%2BWUXtdUHOWj8r07q8WujTwIg5ZeQllts6%2BbFCWYXL0R2YalcrmSW5XMjlcAvr5wZ%2BsTnWw%2Bgx20h%2BZfiraRN%2BEENv%2F4087dO0VYkJDPbN1QUOanTXu9MWEM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://1337x2.xyz
cache-control
max-age=14400
cf-ray
6b9920decbe10bff-DFW
lazysizes.min.js
afarkas.github.io/lazysizes/ Frame 8A12
8 KB
4 KB
Script
General
Full URL
https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id
7e72b48a613d4720a19708dbc3fb9007be59fecc
date
Mon, 06 Dec 2021 23:00:05 GMT
content-encoding
gzip
age
164
x-cache
HIT
content-length
3497
x-served-by
cache-dal21249-DAL
access-control-allow-origin
*
last-modified
Mon, 17 May 2021 09:28:46 GMT
server
GitHub.com
x-github-request-id
F93C:7A93:B8A59:17331D:619DF193
x-timer
S1638831606.566131,VS0,VE0
etag
W/"60a2374e-1ed1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 24 Nov 2021 08:07:10 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
x-cache-hits
2
wnload
yfetyg.com/ Frame 8A12
0
127 B
Fetch
General
Full URL
https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:00:05 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
content-type
application/javascript; charset=utf-8
trace
cloudflare.com/cdn-cgi/ Frame 8A12
283 B
309 B
Fetch
General
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ec3e849c2c3cbb2b4e52b254c9c01a9a59ff9355a1c9e9a6c51ce93a102fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
6b9920e14b360c13-DFW
expires
Thu, 01 Jan 1970 00:00:01 GMT
0dda8e6d-0ab2-4414-be5b-6fb3fe3dc5ca
https://1337x2.xyz/ Frame 8A12
91 B
0
Other
General
Full URL
blob:https://1337x2.xyz/0dda8e6d-0ab2-4414-be5b-6fb3fe3dc5ca
Requested by
Host: 1337x2.xyz
URL: https://1337x2.xyz/user/bone111/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
analytics.js
www.google-analytics.com/ Frame 8A12
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2291
date
Mon, 06 Dec 2021 22:21:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Dec 2021 00:21:55 GMT
bundle5.js
stream.vast.wtf/files/ytls/ Frame 16A7
2 MB
619 KB
Script
General
Full URL
https://stream.vast.wtf/files/ytls/bundle5.js
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecdf4ae5f5c9297579dbe49dc256ca07afa3c768f723a8bfac5b9a9f749baede

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5593
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 07:55:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2V6IfUGzvI0pdn0GzzQBUuWIjwWxSRU3V3On8MKmmYRNRxOIOG13j8U3YXjJB5P4YryhdOyQTB6gYSluT9%2FhYCVZQfqX0XV2My90h7E2Itl%2FU6OlS%2BAm5sogu0Z1QILvEz2gFd8qXK6Yjgrsc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b9920e21aab66d1-DFW
cf-bgj
minify
tbz.jpg
12007250.pix-cdn.org/native/tmp/ Frame 16A7
20 KB
21 KB
Image
General
Full URL
https://12007250.pix-cdn.org/native/tmp/tbz.jpg
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a500f83955139786d6ad6b9c95cbe603dceb315cf5c87005cfcf3fe2b199c2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5816789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20782
last-modified
Thu, 30 Sep 2021 13:59:58 GMT
server
cloudflare
etag
"6155c2de-512e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B546ndgGprCUHvbZALwlV%2F0HrYlTy0LMzXIBNPwHkcxrgn6WLfUf1KCBrDut0Xj%2BXaVO%2FX3EkewGMqN1etXv7rSctlBu603TGOYvJiC1WiJwFHubuFbil%2FqzA1R"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6b99112ef89c7fe1-IAD
x-proxy-cache
HIT
expires
Tue, 07 Dec 2021 00:00:06 GMT
adManager.js
js.wpadmngr.com/static/ Frame 8A12
451 B
597 B
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.js
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNzI2MDQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 09:03:43 GMT
server
nginx/1.18.0
etag
W/"6166a0ef-1c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:06 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
adManager.m.js
js.wpadmngr.com/static/ Frame 8A12
76 KB
28 KB
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c3b4f77d5381aed1035dfd325c92572507530e8f732002a7613caee1774a532a

Request headers

Referer
https://1337x2.xyz/
Origin
https://1337x2.xyz
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 10:57:04 GMT
server
nginx/1.18.0
etag
W/"61a9f800-12e6c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:06 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
5380
na.nawpush.com/tags/ Frame 8A12
619 B
536 B
XHR
General
Full URL
https://na.nawpush.com/tags/5380
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
aef5a06805b71a34c37e45b967d67aaf1391df3ed2613b84a88e4c4f6e2cc7f3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:00:06 GMT
cache-control
max-age=300, public
content-type
text/plain; charset=utf-8
server
nginx/1.18.0
content-encoding
gzip
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/ Frame 8A12
0
238 B
Script
General
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:06 GMT
cache-control
max-age=3600
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
track
metricswpsh.com/in/ Frame 8A12
0
192 B
XHR
General
Full URL
https://metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjUyMDM0MjA4MTY4MDk1MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjExLjAiLCJ0YWdfaWQiOjUzODAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MH0=
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:06 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
csub.js
js.wpushsdk.com/npc/sdk/wpu/ Frame 8A12
13 KB
5 KB
Script
General
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 14:05:52 GMT
server
nginx/1.18.0
etag
W/"617aae40-32b9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:06 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
build.m.js
js.cabnnr.com/banner-admanager/ Frame 8A12
10 KB
4 KB
Script
General
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b140feb2368ebae9a4a45d927f1b07c77e343aae3cc7a3522f100a0d37e55eab

Request headers

Referer
https://1337x2.xyz/
Origin
https://1337x2.xyz
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 12:53:40 GMT
server
nginx/1.18.0
etag
W/"61a77054-27d0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 07 Dec 2021 00:00:06 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
ls
stream.vast.wtf/yt/ Frame D858
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY...
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=770ecce68286c1b725fb6c532871e243&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4=
  • https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1...
0
0
Document
General
Full URL
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/

Response headers

date
Mon, 06 Dec 2021 23:00:06 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xixeQwiZErfUY3XZ0yVNh30P5EJY8hqkhBMImsCa%2BXhMbxPaTmW1RFWb1b5pxRL%2BAHm1IuRBbMpL5muTniAsEg7Dy19RwbIPhM7yo07pLrGi1sDer0RVpf1OE1XOnJi0oZPHoA567xzSTWw4tKA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920e6acfa66d1-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx/1.17.2
date
Mon, 06 Dec 2021 23:00:06 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FX1Q5hBdnivU%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132653&sp=0.0400&spp=1000&se=impression&vi=X1Q5hBdnivU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
vary
*
/
vs.javcosplay.com/sts/ Frame 16A7
0
0

bundle6.js
stream.vast.wtf/files/ytls/ Frame 6796
0
0

c.php
cs.u-on.eu/
390 B
631 B
Image
General
Full URL
https://cs.u-on.eu/c.php?u=76513&rjs=%3F**1600x1200&ljs=https%3A%2F%2Ftainhachay.us%2F
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-215-201.rev.poneytelecom.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
74b5019fec8510532b4021ecfbdace057a8090c56eb563e1054dc3372dfd02ef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:07 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
390
Content-Type
image/png
collect
www.google-analytics.com/g/ Frame 437A
0
0

1699111
ad.a-ads.com/ Frame F463
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1699111?size=320x100
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
e6a0e7518367ceaafa98eb2fcbfdb0bdc66ac106b4eb47982eb3c766b7a149f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 06 Dec 2021 23:00:07 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tainhachay.us/
Content-Encoding
gzip
1699111
ad.a-ads.com/ Frame 1A98
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1699111?size=320x100
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
88ca48315a76355607cb683a32cf25f153c1c431daa180a36d82f8338d03e78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 06 Dec 2021 23:00:07 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tainhachay.us/
Content-Encoding
gzip
submit.php
1337x2.xyz/ Frame 86FB
Redirect Chain
  • https://ad.jetx.info/red2.php?rand=pA57100f9cbfeea63e4645014657346447&id=27
  • https://1337x2.xyz/submit.php
345 B
720 B
Document
General
Full URL
https://1337x2.xyz/submit.php
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

date
Mon, 06 Dec 2021 23:00:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oau2BiXfM7KSfUCRPB6oyF4P7%2BkQdFkqvQpujdL1IlyO7lDGfPSA%2BPlYvkul6LPc0L%2BO05VilFxQA7mgk%2BELD%2F7TdiQPEs4vXP8GTloccOT5Pu7DLnz3KC0i4aduvYInXMwn6We%2FhSp6"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920ed2bfe2fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:00:07 GMT
content-type
text/html; charset=UTF-8
location
https://1337x2.xyz/submit.php
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV%2ByPfayw213RLZOp8tjEaWRdICxDrw9FsEXpyKNvLvqCxS6JIK8grYhXXl6VNMC9ENY2FKFaHJ929E3flauF%2Bx7mtxzLasOyFxmVHDvYgvI5xIbf5EGOQKqtHXuWBXBZJasGbZH9SLLpCg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920ebaa5b2877-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
tainhachay.us/ Frame 6B10
43 KB
0
Document
General
Full URL
https://tainhachay.us/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:f54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

date
Mon, 06 Dec 2021 23:00:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
expires
Mon, 06 Dec 2021 23:09:28 GMT
cache-control
public
pragma
no-cache
last-modified
Mon, 06 Dec 2021 22:59:28 GMT
access-control-allow-origin
*
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWn9bIydaqz0t8kGGYTsEDXu7ghmorJKag33MIUo3R5GXnZBHVd5TjZrECe1SD4m4mdUgsJaZW7nzDBzkiYafKkSfiwwbSBs%2FvcnP6gnAQWrrnrrbH0R%2FaFKV4c0Hxq51Rz54gFMtok2NEw0"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920ebabd0c7ee-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ls
stream.vast.wtf/yt/ Frame 998F
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImF2IjowLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxMzY...
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=75f67d020a6c2c4561d1ca4670345b0a&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4=
  • https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1...
5 KB
3 KB
Document
General
Full URL
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df71a2edd9fecb972acfb44fa91c8eb2456e4e424039a41ee45dab262ebc8028

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/

Response headers

date
Mon, 06 Dec 2021 23:00:08 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASgHO5kWZogBtsyTGpdGu0oY6NblnnnImQJPt5cOQGxH59ZxmwBoSKBh1XJkIoJs7TH80k%2B2He8fiPbGl62S64EfK%2BWWiJvNVK4fnmlMUYp8mROUyzoaHLVx9X%2F9ZzeQLCLyJP%2BWZNfW477f%2BTQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920edeef266d1-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx/1.17.2
date
Mon, 06 Dec 2021 23:00:08 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
pragma
no-cache
vary
*
cache-control
no-cache, no-store, must-revalidate
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ad2090f0621999104947850b2f170e36f6326b49d895bb3709181cec8a3cd3f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/
Redirect Chain
  • https://nghetaitruyen.aino.pk/filedownload/2375551/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
  • https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
24 KB
25 KB
Image
General
Full URL
https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H2
Server
2606:4700:3038::6815:ea45 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
df8f4ca8b711f4c2ba235b234bab9acd7aa2de8d40195f24301b644b144fa4c3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tainhachay.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
x-powered-by
PHP/5.6.40
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24889
last-modified
Mon, 06 Dec 2021 22:59:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKoLPZQMMsDlgpkE2AZNt9ynJ5aUkXSbAj%2BtEegjX8e5HtRcn1ax0yic6Bbi3YJpU6a21%2ByGauO73Jb5TzIg9Y9afZiFFRSpGU7uz1dObEtkqQCgHzekxl36Pyn9vhf%2BIUAGmG18QuOhxyQvLLgJCqLa"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6b9920f09b58671f-DFW

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:00:08 GMT
Server
nginx
location
https://dl7.wapkizfile.info/download/e85ce45cef727a420f82e2f592bda428/5d8e6e5a829b841f3a75f89962d3593a/nghetaitruyen+aino+pk/img-1-1638607976306-(nghetaitruyen.aino.pk).jpg
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJ11EDJFL9&gtm=2oec10&_p=571259918&sr=1600x1200&ul=en-us&cid=397816071.1638831603&_s=2&dl=https%3A%2F%2Ftainhachay.us%2F&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sid=1638831602&sct=1&seg=0&en=tainhachay.us&_et=21&ep.event_category=tainhachay.us&ep.event_label=tainhachay.us
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tainhachay.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:00:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tainhachay.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
320x100
static.a-ads.com/a-ads-banners/118283/ Frame F463
223 KB
0
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/118283/320x100?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:07 GMT
Last-Modified
Sun, 26 Apr 2020 08:04:42 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
AAKV2HGK5BVDS4T1
ETag
"1763aab6b854e56cd527a753bf570c68"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
536399
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
sIOihSO9skGRM5mfwdOrxFkH_ks0V5go
x-amz-id-2
VQJj2o/DCZq8Pt8cJTLc0jYLHQdyzEt7bbkiy6z09gvaFsZINtw5K3XvF1ksWw89jBoEL+0CNek=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame F463
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
320x100
static.a-ads.com/a-ads-banners/319492/ Frame 1A98
97 KB
98 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/319492/320x100?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1699111?size=320x100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
08fd1c94cf023e5e99098e3ca336d01b32a237f0e781ab06c61d18af2589666d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:00:08 GMT
Last-Modified
Mon, 06 Dec 2021 11:34:44 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
S173HV67D0ZX2HJM
ETag
"3eaed3fe434808810cf7e5b48879b777"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
99707
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Jv4WlpkWaQayYAR41qPblO0LoxVcMH1F
x-amz-id-2
5Qw2eK+SxPpU3fuVEsl6x6zy3Hh7H+0nFOeKrcV0Avaf2SBuEzZsSINmLncmDauZiag03agLvUA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 1A98
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
/
1337x2.xyz/ Frame 86FB
361 B
806 B
Document
General
Full URL
https://1337x2.xyz/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
7fd61fdc55ecaae7490bbbddb37dac943bb6ae61a6dfe81d86de2b49029d962c

Request headers

Upgrade-Insecure-Requests
1
Origin
https://1337x2.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/submit.php

Response headers

date
Mon, 06 Dec 2021 23:00:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PouYaR4fwafTNOvJNoBl431hcSjB872DiD2JdgQMlKPxDelW3CgZTFZ58EjH3Ihls51Ddqzs2blgf5NGAuAqEdIBG%2FoJ25Dktthx%2BURP%2ByeYrBLrOK8J5MismwDb%2BoZ9oSz%2FNJNXFvow"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920eecf682fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bundle5.js
stream.vast.wtf/files/ytls/ Frame 998F
2 MB
619 KB
Script
General
Full URL
https://stream.vast.wtf/files/ytls/bundle5.js
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://stream.vast.wtf/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=43038&p=0.0200&oid=1132713&sp=0.0400&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:00:08 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5595
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 07:55:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq8IVC8xtaRIChSqzkW0D9maSVwZtZDnyuNTekJzRJ0dTfNqmYtf2SO2yeYV2zxKqKMWroZOGFIGwH9A2sAxieF%2FeCtczqV4XWN0lfPh7E61%2Ft0AO%2FGYe2P5v6sdpMtqU7chN4X3vJmsrO2ATt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b9920f00c4466d1-DFW
cf-bgj
minify
tbz.jpg
12007250.pix-cdn.org/native/tmp/ Frame 998F
0
0

/
1337x2.xyz/user/MoviesFD7/ Frame 86FB
0
0
Document
General
Full URL
https://1337x2.xyz/user/MoviesFD7/
Requested by
Host: tainhachay.us
URL: https://tainhachay.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
Origin
https://1337x2.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://1337x2.xyz/

Response headers

date
Mon, 06 Dec 2021 23:00:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvhNyGcqlLjuwgylTMfk9n0HSNBF55htqdVwmlQzt9unMNlN5eTANf8g43rB6r6pGjXZ1X4I1IdOMiMC%2FTIPF6GjiL5VnkwQjb3ucZT%2F6tt3ed9i8XUGM9e3S1M%2Bdo6tC6NO%2Fg1UIinM"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b9920f06af52fbd-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame 6B10
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 6B10
0
0

jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ Frame 6B10
0
0

style.css
fastcdn.jdi5.com/css/nhacdj.wapkiz.com/ Frame 6B10
0
0

waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/ Frame 6B10
0
0

js
www.googletagmanager.com/gtag/ Frame 6B10
0
0

js.php
cs.u-on.eu/ Frame 6B10
0
0

online.js
counter.jdi5.com/ Frame 6B10
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vs.javcosplay.com
URL
https://vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FGGvZaKxAGzI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60807&p=0.0200&oid=1132713&sp=0.040000&spp=1000&se=impression&vi=GGvZaKxAGzI&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&utm1=tcb&utm2=746359569-1&utm3=195-21720-0&utm4=0-9039089-14&type=impression&g_referer=https://tainhachay.us
Domain
stream.vast.wtf
URL
https://stream.vast.wtf/files/ytls/bundle6.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJ11EDJFL9&gtm=2oec10&_p=321815229&sr=1600x1200&ul=en-us&cid=397816071.1638831603&dl=https%3A%2F%2Ftainhachay.us%2F&dr=https%3A%2F%2Ftainhachay.us%2F&dt=TaiNhacHay.US%20-%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20C%C3%A1c%20B%C3%A0i%20H%C3%A1t%20Mp3%2C%20T%E1%BA%A3i%20Xu%E1%BB%91ng%20Mi%E1%BB%85n%20Ph%C3%AD%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%202021&sid=1638831602&sct=1&seg=1&_s=1
Domain
12007250.pix-cdn.org
URL
https://12007250.pix-cdn.org/native/tmp/tbz.jpg
Domain
netdna.bootstrapcdn.com
URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Domain
fastcdn.jdi5.com
URL
https://fastcdn.jdi5.com/css/nhacdj.wapkiz.com/style.css
Domain
yqmxfz.com
URL
https://yqmxfz.com/pw/waWQiOjEwNjQ1OTMsInNpZCI6MTExNTc1NCwid2lkIjoyNzk0MTMsInNyYyI6Mn0=eyJ.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-GJ11EDJFL9
Domain
cs.u-on.eu
URL
https://cs.u-on.eu/js.php?u=76513
Domain
counter.jdi5.com
URL
https://counter.jdi5.com/online.js

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| $
function| jQuery
string| link_image
string| link
string| icon_close
function| closePopupBeta
function| setCookie
function| getCookie
function| gtag
object| dataLayer
string| r
string| wh
object| sc_olimg_var
object| pn
string| w_h
function| online
function| sc_onlineimagei
function| ct_inserti
function| drawText_onlinei
function| errorMsgi
string| title
string| GoogleAnalyticsObject
function| ga
function| dlcount
object| google_tag_manager
object| google_tag_data
object| gaGlobal
function| onYouTubeIframeAPIReady
object| __adm_override
object| gaplugins
object| gaData
object| __adFormats
object| __formatsGetters
object| AdManager
object| a3klsam
function| __banner-init

11 Cookies

Domain/Path Name / Value
.tainhachay.us/ Name: tainhachay_us
Value: 479bcbdb6771c1394ee7e8cb8e86fc5c
tainhachay.us/ Name: _rce
Value: US
.tainhachay.us/ Name: _gid
Value: GA1.2.1531865707.1638831603
.tainhachay.us/ Name: _gat
Value: 1
.tainhachay.us/ Name: _gat_gtag_UA_46789381_15
Value: 1
.tainhachay.us/ Name: _ga
Value: GA1.2.397816071.1638831603
tcimp.zog.link/ Name: 750.0
Value: 1
tb.baimgfroggd.site/ Name: 1816.1132713
Value: 1
.tainhachay.us/ Name: _ga_GJ11EDJFL9
Value: GS1.1.1638831602.1.1.1638831605.0
tb.baimgfroggd.site/ Name: 1739.1132653
Value: 1
tb.baimgfroggd.site/ Name: 1739.1132713
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
