urlscan.io logo urlscan.io
SecurityTrails logo

file.fan Open in urlscan Pro
188.114.97.3  Private Scan

Go To Rescan Add Verdict Report
URL: https://file.fan/3813e1da0f904a05
Submission: On June 27 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 66 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is file.fan.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2024. Valid for: 3 months.
This is the only time file.fan was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 188.114.97.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.240.127.234 7979 (SERVERS-COM)
1 172.240.108.68 7979 (SERVERS-COM)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 192.243.59.12 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
10 139.45.197.242 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
8 139.45.197.250 9002 (RETN-AS)
3 139.45.197.244 9002 (RETN-AS)
1 172.67.193.52 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
1 139.45.197.151 9002 (RETN-AS)
1 172.64.152.106 13335 (CLOUDFLAR...)
66 16
30    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
file.fan
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)
pl22904797.profitablegatecpm.com
1    172.240.108.68 (United States)

ASN7979 (SERVERS-COM, US)
pl22905469.profitablegatecpm.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
alwingulla.com
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.topcreativeformat.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
veepteero.com
soathoth.com
kukidsaidree.com
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
8    139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)
moonoafy.net
3    139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)
shoordaird.com
1    172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
1    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
1    139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)
interstitial-08.com
1    172.64.152.106 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
c.adskeeper.com
Apex Domain
Subdomains		 Transfer
30 file.fan
file.fan
342 KB
8 moonoafy.net
moonoafy.net — Cisco Umbrella Rank: 198775
43 KB
5 kukidsaidree.com
kukidsaidree.com — Cisco Umbrella Rank: 52391
148 KB
3 soathoth.com
soathoth.com — Cisco Umbrella Rank: 942453
32 KB
3 shoordaird.com
shoordaird.com — Cisco Umbrella Rank: 74080
37 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 8833
1 KB
2 veepteero.com
veepteero.com — Cisco Umbrella Rank: 196379
5 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 topcreativeformat.com
www.topcreativeformat.com — Cisco Umbrella Rank: 76390
2 profitablegatecpm.com
pl22904797.profitablegatecpm.com
pl22905469.profitablegatecpm.com
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
3 KB
1 adskeeper.com
c.adskeeper.com — Cisco Umbrella Rank: 29618
266 B
1 interstitial-08.com
interstitial-08.com — Cisco Umbrella Rank: 267504
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 16791
478 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 17855
8 KB
1 alwingulla.com
alwingulla.com — Cisco Umbrella Rank: 209166
26 KB
66 16
Domain Requested by
30 file.fan file.fan
8 moonoafy.net alwingulla.com
moonoafy.net
file.fan
5 kukidsaidree.com alwingulla.com
kukidsaidree.com
3 soathoth.com alwingulla.com
soathoth.com
3 shoordaird.com alwingulla.com
shoordaird.com
2 my.rtmark.net alwingulla.com
file.fan
2 veepteero.com alwingulla.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.topcreativeformat.com file.fan
2 fonts.googleapis.com file.fan
1 c.adskeeper.com
1 interstitial-08.com kukidsaidree.com
1 fleraprt.com tzegilo.com
1 tzegilo.com soathoth.com
1 alwingulla.com file.fan
1 pl22905469.profitablegatecpm.com file.fan
1 pl22904797.profitablegatecpm.com file.fan
66 17

This site contains links to these domains. Also see Links.

Domain
yetishare.com
mfscripts.com
cookiesandyou.com
Subject Issuer Validity Valid
file.fan
GTS CA 1P5		 2024-05-28 -
2024-08-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
profitablegatecpm.com
R3		 2024-06-05 -
2024-09-03		 3 months crt.sh
alwingulla.com
GTS CA 1P5		 2024-05-10 -
2024-08-08		 3 months crt.sh
topcreativeformat.com
R3		 2024-05-19 -
2024-08-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
veepteero.com
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
rtmark.net
R3		 2024-05-11 -
2024-08-09		 3 months crt.sh
moonoafy.net
E6		 2024-06-17 -
2024-09-15		 3 months crt.sh
shoordaird.com
R3		 2024-06-06 -
2024-09-04		 3 months crt.sh
soathoth.com
R10		 2024-06-21 -
2024-09-19		 3 months crt.sh
kukidsaidree.com
R11		 2024-06-07 -
2024-09-05		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2024-05-28 -
2024-08-26		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh
interstitial-08.com
R10		 2024-06-09 -
2024-09-07		 3 months crt.sh
adskeeper.com
GTS CA 1P5		 2024-05-24 -
2024-08-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://file.fan/3813e1da0f904a05
Frame ID: 8981C29E4DF8AC98C4139A5A83FF430C
Requests: 61 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fkukidsaidree.com%2F12%3Frnd%3D3423784323%26z%3D7276361%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyGvoWawgAb4s4gq4ggXeFaNBNTbp0jRZzNvuBrM4NXrdyciuoHYnJZyQlIVPpoQIHgcXZ7a2xgPJn4Jsd4cSUpPbmad0RvM4DPajcCYiLGvYKxm3LEQPtAEe2A89s6pSfN75e1B5UNLDreABv3tSVqHt4DrqFLL8LI5OrxdzWW_oToDpysmsUjIstfFUsbM7eTMfgKybSjLlJiSZ3f47kWUrMJ2MLEsMwgPhJGZkGgDn-_IluCp3oqvqZW6d8difqCeh_H4kpGNgg3EY6yuQdWNx3BzxJJa9t3KQLTW-Hg8OVhYUjyRH-3qoMGg%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D02c3c6bc-41fb-4a6c-9970-e44cfee72f5e%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ffile.fan%252F3813e1da0f904a05%26wy%3D110%26wx%3D110%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26tbc%3D1
Frame ID: 240D437492E6A4A20B1CA531B451875E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

getkmspico.com-KMSpico-setup.zip - We are file fans!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

13 %
IPv6

16
Domains

17
Subdomains

16
IPs

4
Countries

711 kB
Transfer

2139 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3813e1da0f904a05
file.fan/ 		23 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55185b5f2b7dac76a5f3932a27418b24b7e21808e7ab81c8e050b60b85e86d3c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-origin
https://file.fan
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate no-cache, private
cf-cache-status
DYNAMIC
cf-ray
89a8bfd49c64667f-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 22:07:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztK6Gk0PnFCBtxJaH5IbbT1Jg4V%2BzH%2F2fWXxKOUHjbB8Fwm%2F68LDUp%2Bf30Ib8bJKsPoYqSDUb5dPZ6YXsDXx3YLhuqPbnGm0vCGPQjGgJsgCYRU6G8dR%2B71b2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
file.fan/themes/spirit/assets/frontend/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-12c7a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxiIHyoVWhuPUsjRyIB%2B5TjQQGhQ%2FHkMO%2FE0BxQvDfCHRc9FlQGM2b2DsdV8ThZ3mh1Euj%2FcbBr7tkeynXDfbZNJ21bQ9YQ%2F1agwq0iZYwJxiieFo96Ehr0Z3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dbc667f-AMS
alt-svc
h3=":443"; ma=86400
stack-interface.css
file.fan/themes/spirit/assets/frontend/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/stack-interface.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-c58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9EL5zpFpUJnOOmgb60Cix2HT0BBE%2BCe6sdUED6jQscmPm5KJKo8qYSTFZm3KlIhMlLNZ2JzjyocCZ4369bD3KulkFIjUO%2B0YOF5JXxK6Db9xZjsgYlC9iecjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dbd667f-AMS
alt-svc
h3=":443"; ma=86400
socicon.css
file.fan/themes/spirit/assets/frontend/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/socicon.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-266e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JrEt2D7NMcnvny978dWa%2BVY8MNKQbJLllNRHlKq3ICbbsifpyXOIq5ZSLpPwZ5qF37eME4PORIiSY%2Fop3nlxH7ZdYiwYqPquhpIQM8q1x454Pw3l2l1zaEt0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dbe667f-AMS
alt-svc
h3=":443"; ma=86400
lightbox.min.css
file.fan/themes/spirit/assets/frontend/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-f31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N50sWvR0lVIPJmliVA5YK2afLvmab7tJdkrirgrGJCNJ8PmzPh2%2BzwOnBdbNe7DMvSMiy%2B5%2BN%2BCyE0Sea0qwUdfEMLrPcHDYwrrUyPLh94ZWzpIFru9l%2Fe1v9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dbf667f-AMS
alt-svc
h3=":443"; ma=86400
flickity.css
file.fan/themes/spirit/assets/frontend/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/flickity.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-9d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFwKUkuHe0%2B4wKpPPmScNpHGKykPUO%2FoZI%2BbPPWMGCvXn1eNk0%2BiJ8c03rHH5W5ClCgChG%2F6ptYZXkkNGJvXYU%2BdJ68Vs2fC96%2F5f9EhEhRoMHjE0uM%2FmW8ADw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc0667f-AMS
alt-svc
h3=":443"; ma=86400
iconsmind.css
file.fan/themes/spirit/assets/frontend/css/ 		100 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/iconsmind.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-19147"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jDx7b5abDpp9bsIkOr0PAFbxDuZvk0OGcwrvw5L2Yp5mxFTP6B1u6JQcvZG561S9aEag4bpfTyyfPcKf2Qcn0UE2GrzpO%2B3I3eV%2B0aw7dy3g3Tn0hmWdVbOqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc1667f-AMS
alt-svc
h3=":443"; ma=86400
jquery.steps.css
file.fan/themes/spirit/assets/frontend/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-1783"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLkytcvQGKx%2F%2F40ls7jqqdAIOj46TYPJxtUCb11%2BN0EzfTEUMfXxS5GNrXE1D7YbvLwkAJisJOQYfUZauDCxAPtKI1HtY00axJUScpCV4ujTPrY0zLcgaCOIdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc2667f-AMS
alt-svc
h3=":443"; ma=86400
cookiealert.css
file.fan/themes/spirit/assets/frontend/css/ 		12 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/cookiealert.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-3051"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FNDkGjaovED%2BqItqQOBjkMBrYjs7woYgb1396r%2B3Nmi%2BZoDjphIIqbnkMAQ9SixwAq4cYJieUUuLWWB9tr5eBz5w%2Bse%2BvFrlJ29lfyalj%2BPx4Py63hZOFR2BWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc3667f-AMS
alt-svc
h3=":443"; ma=86400
theme.css
file.fan/themes/spirit/assets/frontend/css/ 		202 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/theme.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-32678"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJ5zKKkq9yaUxEVPHITbXsiyhMM%2BpfT9gjmKYVt0yRMNbUtNeZDDV6UG3v5I20nbo0jWlEQRYh5fD6x5%2FL3H9xRiuxXBX8W3YTGbCwm0LeSDjyvSj03LFOYbEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc4667f-AMS
alt-svc
h3=":443"; ma=86400
charcoal.css
file.fan/themes/spirit/assets/frontend/css/theme/ 		202 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/theme/charcoal.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe98b73866341078c596a42b87af67c03a79cf591d02467842939ce0848a55d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-3269d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTyK0P5V3pDBtpilANWtxNhj21mBxczDRpL%2BTtQtYr0DcF2bYENwXqDGO%2Fi%2F7KiX0%2BuCJdkDdZ6Dc9Mc62wcar8%2BjpMXTZXE2Pe47Pg0kXUOKdmE42%2F2TMXpJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc5667f-AMS
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
file.fan/themes/spirit/assets/frontend/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-e6ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RD1jQgoeLJM70I3BmEm7x3JTIZeLe9TvAJR9k%2FxUYTx3VV1NQrcH0VTG5pLDk4lICnZNPuY2ofozMhvdRcf50I8c7rjvTLYkV44BlhdlLN1YYyPUxiw8BI3pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc6667f-AMS
alt-svc
h3=":443"; ma=86400
custom.css
file.fan/themes/spirit/assets/frontend/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/css/custom.css
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-22e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoumd%2BheU06PqEn%2FfOqSLb45K33qRzW%2BFTM%2FhXouV0or9%2B6ttE9UpGlowl8SoCyQtMQIV%2FULdg6H1QwGm7GgW4G0CGvs7bLUAfT6QsnVYq%2B6KgvCjktKxixRXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89a8bfd68dc7667f-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 21:05:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jun 2024 22:07:20 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 22:07:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jun 2024 22:07:20 GMT
logo_inverse.png
file.fan/cache/themes/spirit/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.fan/cache/themes/spirit/logo_inverse.png
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2076937d31897f7b8554840f8dde3661e3fb526155f8f2f0fb1ce3dfcc284d05

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 13 Feb 2024 19:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cbc3f7-1682"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGJ54rq8Nw9PTDFFdQkfLAT3qOOvqq%2FIhf9leDtBrziaI63FvMWB0L8mQzGY7HW8CxbxsG%2F9Pa7re6am6B7uoMdRRY8X%2FDe7Y6ayRZGLQWlzWb2Q5oCAVZAFGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89a8bfd68dc8667f-AMS
alt-svc
h3=":443"; ma=86400
content-length
5762
logo.png
file.fan/cache/themes/spirit/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.fan/cache/themes/spirit/logo.png
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2076937d31897f7b8554840f8dde3661e3fb526155f8f2f0fb1ce3dfcc284d05

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 13 Feb 2024 19:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cbc3f7-1682"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7iytvNn36kQMuzQPWCHjG47cq5URhWxNGvOe6W%2BuOdaLVxMpGTXSW%2BeXAMsv%2FPfrhpCsNDa3T1fB%2BtlAxgoIeQx%2B29seq3xtJVr2qFybcQ82Dsn2w%2BUkl0m8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89a8bfd68dc9667f-AMS
alt-svc
h3=":443"; ma=86400
content-length
5762
fecd0f4417f9b4fdabf946c710b0dfde.js
pl22904797.profitablegatecpm.com/fe/cd/0f/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pl22904797.profitablegatecpm.com/fe/cd/0f/fecd0f4417f9b4fdabf946c710b0dfde.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 22:07:21 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
5f1a5877141acfa140e676635a29c8de.js
pl22905469.profitablegatecpm.com/5f/1a/58/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pl22905469.profitablegatecpm.com/5f/1a/58/5f1a5877141acfa140e676635a29c8de.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 22:07:21 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
tag.min.js
alwingulla.com/88/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alwingulla.com/88/tag.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f6cd9f984a78d6a8e072d240a28c50e2468ec500fd1935b90754d99493dd44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12986
alt-svc
h3=":443"; ma=86400
x-trace-id
8a0995f9a8e5fb2a9712af86d74a2a4a
pragma
no-cache
last-modified
Thu, 27 Jun 2024 16:48:21 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JEXLYGJE2bKsNVhEsRAGtYwAH5%2BIXpTRyx6enrfzVK%2FSZMAwjs4%2F0jD3KqGtuOA52pSq5pn54Vf54UuXH2Tvh%2B6vgdTYER%2FJ0ua3u%2FfxjK%2FRPivmhS5aXZnxFxJv8xCeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray
89a8bfd958be0e48-AMS
expires
Fri, 28 Jun 2024 18:30:54 GMT
jquery-3.1.1.min.js
file.fan/themes/spirit/assets/frontend/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-152b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEA%2B4Fz8ShjhJeCZYEaAzwRBKoyiJVsVpDuAwNhfICSew%2F3%2FNQKwb4lxpWfXjbIfOIAYDsgZiPaQpmttAPru9Af6mKmf3O5%2F7YnddjMyT7A%2BfMumUX6If6nEMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef50667f-AMS
alt-svc
h3=":443"; ma=86400
jquery.dataTables.min.js
file.fan/themes/spirit/assets/frontend/js/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-1107a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aj%2BC%2BllFu7%2FY9rHWMIiIO%2FEeiXUykfygCwU7lNqD4PMQ0ckPSXrZvNSxRbQtPXwxrwlhXW1sQDxWRL5hdpFN%2FvjDs%2F7qI5yFo8BTQpS8MPdMvAr5CNjFJ6ma%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef53667f-AMS
alt-svc
h3=":443"; ma=86400
flickity.min.js
file.fan/themes/spirit/assets/frontend/js/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/flickity.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-d271"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Kde0Ww1unozarBZDtIUU0XbsRGa%2ByOogC2mkx3GHEY18Vgg6kLo0wnbjthcWAQvyGcTsc9S13canF%2Bu0HFQ8ANDhVeIzTkXuStVFG%2Bo38YXpX39JyI2IinbAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef55667f-AMS
alt-svc
h3=":443"; ma=86400
typed.min.js
file.fan/themes/spirit/assets/frontend/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/typed.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-f6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Roq7HSlyWqp2bSqMUtzOdV%2Fn1p%2BnJ6OXPBglOgjWVjfaKtpx510p4mf6REds54HKMU7OvbVnx9Nyrg23TaDLsUJpN9SkMm7Rk2GtRt7wYQrJQ4%2FMmmwJu9RyXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef59667f-AMS
alt-svc
h3=":443"; ma=86400
datepicker.js
file.fan/themes/spirit/assets/frontend/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/datepicker.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-51ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FrN%2FUTomahuz0cSDQrhKoD%2BRoLGt6%2B670ci3W1RCLfIpgWUJHAvNe2NYDUpYiHkuXobI2X6ur44wmzGPz9iqV8whVsYgMYh86cDXsZQSPvn5w%2Bo%2F99BpL%2Bcxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef5b667f-AMS
alt-svc
h3=":443"; ma=86400
granim.min.js
file.fan/themes/spirit/assets/frontend/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/granim.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-298b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfF6nEuVibb5kfEh3nPX%2FN06Iy49KAzozuVqa1GStG%2FyPgsWbIvzsCIFm0dzPeSIgjSG694VQj9e9o182jkm7oruMwCJEr7OpnnhTKeY7E%2BnrAIShXOkKitrbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef5d667f-AMS
alt-svc
h3=":443"; ma=86400
jquery.steps.min.js
file.fan/themes/spirit/assets/frontend/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-3626"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAI0IyspdBlYqkV%2FZHq6zatNznFVeL6ZaEudgPxZzXJWN3%2F0HbBSGPXDQ5u%2FrHxazCAcpVTGH9b9%2B844f60o%2B5rAwqBUvER1D%2BAqt2GUAZ7w0k6nuHaf%2BL8ZNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef5f667f-AMS
alt-svc
h3=":443"; ma=86400
countdown.min.js
file.fan/themes/spirit/assets/frontend/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/countdown.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7194
etag
W/"62599770-14f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJgy2fHhJE2rZwSYiMrldmjHBOQzEBZclQ7g%2BlhF9D5kpNLI%2F22hKxz2o5AykFMO2LpNOG15Z5S8oy5bJ8OAnUTkJU8uVwSHFalhUlHG%2B0BbdssehCyzrWEQmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef61667f-AMS
alt-svc
h3=":443"; ma=86400
smooth-scroll.min.js
file.fan/themes/spirit/assets/frontend/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7194
etag
W/"62599770-178c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaFK3AUQnumrYn4UDC7IuOB9VqeKD0BmJY2MchkbTyIxd%2FhtwkGw%2FsuDn%2FTVrg8dELlLZzblyxD%2FJUjeC06u%2F8K8VB18REAqOduKgUYoB3YUqttwzosKmVpq7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef64667f-AMS
alt-svc
h3=":443"; ma=86400
scripts.js
file.fan/themes/spirit/assets/frontend/js/ 		112 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/scripts.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7194
etag
W/"62599770-1c0ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLj6cqRPVFNQp3wx1nV%2FK4jtd5Li1eLlMby19ontgg1d1sj1eofmLvbRnrkCUNnIpJsvjRNwP%2Fqy8sxZXr4jWIeAxcpWHXY6lcbcU5gWva%2BNQPgIeiv%2BsVhkgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef65667f-AMS
alt-svc
h3=":443"; ma=86400
cookiealert.js
file.fan/themes/spirit/assets/frontend/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/js/cookiealert.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7194
etag
W/"62599770-72c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwwO1fmCM59HRxTSdoB0NbzxgeGsDLMDrYHpEutV16WSNK6a2zpjqGKTRpk79Dj9elY0xkd3MUHW%2F4r9h1U00ZklV9U8rGVkVIvo7Yq8s%2BA0nrSRmS2aJQz6Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfd8ef68667f-AMS
alt-svc
h3=":443"; ma=86400
invoke.js
www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 22:07:20 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://file.fan
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 09:37:33 GMT
x-content-type-options
nosniff
age
44987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 09:37:33 GMT
invoke.js
www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 22:07:20 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
fa-solid-900.woff2
file.fan/themes/spirit/assets/frontend/fonts/font-awesome/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
Requested by
Host: file.fan
URL: https://file.fan/themes/spirit/assets/frontend/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/themes/spirit/assets/frontend/css/font-awesome.min.css
Origin
https://file.fan
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:21 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62599770-13914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fptpl4AiuWXkDowew9N026EIAIOSYo4fgGDHKPb7XMSqxlmjNOYKOiedIR7YR4S8eVnt%2Fwi%2BK5Qk3XNKOEqTwLg6QCUfat2lpx7RNlKBglAAe8tLf2CAp1URVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89a8bfdb48f0667f-AMS
alt-svc
h3=":443"; ma=86400
content-length
80148
stack-interface.woff2
file.fan/themes/spirit/assets/frontend/fonts/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by
Host: file.fan
URL: https://file.fan/themes/spirit/assets/frontend/css/stack-interface.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/themes/spirit/assets/frontend/css/stack-interface.css
Origin
https://file.fan
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62599770-10c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htAtyoDMCYg1mZJzoX1qxMAq4FIfquT0PimcUK8QmySgYi%2BhYXbRPQTvGpXTu9bnCmHXfFJ8utuO1L8TffUdAnr5PgvxjD7TTds4wQZPHnifOGXVcUJBmyAb6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89a8bfe11da3667f-AMS
alt-svc
h3=":443"; ma=86400
content-length
4292
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://file.fan
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 21:12:51 GMT
x-content-type-options
nosniff
age
3270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19280
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 21:12:51 GMT
54279
veepteero.com/88/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://veepteero.com/88/54279
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
50954e9a93d9b9e97ead0e8905024d4116f0f15f7b468bdaf0091be744e513cc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache, no-cache
date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://file.fan
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
file.fan/themes/spirit/assets/frontend/img/favicon/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://file.fan/themes/spirit/assets/frontend/img/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee57951709489c769b5ffe52c3bca5264caa967c841fda185e572f668e475ceb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Apr 2022 16:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62599770-3c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiyBPFmBnUGPS%2FnLVJyMw2LNrRFiV8xrcdLNjQ2hE%2F%2FWObrCAnuCyxwENoXiO5ZYGNAODnwwBqjon4PNqIDqsTTC5xwHKojkqrSgdlesgK50FniO8VCC8r1FkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
89a8bfe36f8d667f-AMS
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=0080881afa4b456efc8dfc1e07cd4a5a
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a1e6cb080b1d6777fd6ad5ca5882eb0e1948dae1f3674a9c3e217dd7a6427e45
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.fan
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
tag.min.js
moonoafy.net/pfe/current/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/pfe/current/tag.min.js?z=7276363
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
315f1099a6bd5fe242173f80275a644d3c523f3833e0fc12645c65621bf33e69

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2024 15:26:00 GMT
server
nginx
etag
W/"667d8488-39e3"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
7276362
shoordaird.com/401/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shoordaird.com/401/7276362
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1e74353ed9b68a06d2b3764001b97c47acd16333b5c3640b8ed75402d75307a9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
1cde985ce62f30f5ac19eeffd2fe62ae
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
7276360
soathoth.com/400/ 		80 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soathoth.com/400/7276360
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8bc6ab8f039dcfa60f666f7be9fdbb2fce95af5573272be8a44f57702e4a8987
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
9280a3cf711da0d6717e9dce9cfd841d
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
kukidsaidree.com/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kukidsaidree.com/1?z=7276361
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
90c34a3c0036c2c9dad40963f29a76e53a54d2fb6010a54f4a797699d7674b0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
ea058a5aaca60d9bb08842baa305d91b
pragma
no-cache
date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
gzip
x-sc
8354tbXTONCQfZw3iDKv5rmOv5tZb88Lvad7RTMUL8HfcMqO6tTybnhSxq61Hr_nZsxlBCjjVMmRttgY_NNrp-6eQlA=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
universal.min.js
moonoafy.net/3bT/27mJf/ 		89 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/3bT/27mJf/universal.min.js?v=3.1.528
Requested by
Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7276363
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
37d1086e46f6a3da9353808d9c4deeb276433aaea3f6c5fad20958f8ec9d3c8b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2024 15:26:00 GMT
server
nginx
etag
W/"667d8488-165f4"
content-type
application/javascript
access-control-allow-origin
https://file.fan
cache-control
no-cache
access-control-allow-credentials
true
zone
moonoafy.net/ 		878 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/zone?pub=0&zone_id=7276363&is_mobile=false&domain=file.fan&var=&ymid=&var_3=&tg=0&sw=3.1.528&drf=&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjYifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJOb3QvQSlCcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNi4wLjY0NzguMTI2In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI2LjAuNjQ3OC4xMjYifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7276363
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d6a458d39eb05b4602aa62a6660bdeddcfdbe3a9012fdcf8278227604953871
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.fan
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
878
/
veepteero.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://veepteero.com/?rb=NNjqyTad93hgLrMxV8p1J5yc22OkUU_8zfxsNfmejt5-Ex_m0yrx8R9Sr-MZ13KyLe6a9eIdL0H3QpilZ8zQ2nLLL26N8RQutKSScIiVpQp3eChEmFeVAB21iw-ZRreLIsnKHTrPrtWQeN5kM-1avdtTz_KG8QCVyQAmv5gBH1Bwbxlv13b7wXxnbAls58zU18nxwexru2qLMFmBYHhmN-Ej0I5iPxR6WtRpj_RUCEq5xewcxQ54Bo_5O1OXcR0CT55c1TBWOnnCad1OwCu9ww1Bt-bmOFwErS1UfBE6r4r-sAERESExLgbVCjwjcK8y&request_ab2=0&zoneid=7276359&js_build=iclick-v1.829.9-auto&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1200&sah=1200&wx=110&wy=110&cw=1600&wfc=0&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.829.9-auto&navlng=nl-NL&pnt=0&pnrc=0&bs=4ef1f385-9cfd-4210-9a0a-9eac6d31223e&wasm=1&userId=0080881afa4b456efc8dfc1e07cd4a5a&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&m=link
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3a48192b001f55fd65a6bf490a2b81c0f53ce3c35d8ab84e40126789e6a7d8e5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
6992c304069ab415c8c55fa8cc73b536
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://file.fan
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
7552beb94fc0bdff7bbb33cad3d1ab0a
kukidsaidree.com/27/ 		404 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kukidsaidree.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Requested by
Host: kukidsaidree.com
URL: https://kukidsaidree.com/1?z=7276361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
0f9061c1b6d77060a350c384a21bafa3
date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
last-modified
Thu, 18 Apr 2024 06:29:14 GMT
server
nginx
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Thu, 18 May 2084 06:29:14 GMT
stattag.js
tzegilo.com/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: soathoth.com
URL: https://soathoth.com/400/7276360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d9a9f3965fa8c9d7ac125fb53798ebe9a8494be560cd583ce9003aeb5b2ba9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 13:48:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5609
etag
W/"667acab2-404e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOqMLpqTb1tOqGpu4uat8iU6aMH9ulufda3C%2BdGHfRxCfgS34QWgcZXYQoVF%2BBCYkm16sQImYzGZGaobUP%2FnFJllHsTRSF2C96511UH%2Fs%2BswEiB%2B7AVkzRNWuKL7Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfe518fdb743-AMS
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
9
kukidsaidree.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kukidsaidree.com/9?z=7276361&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&wy=110&wx=110&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=0080881afa4b456efc8dfc1e07cd4a5a
Requested by
Host: kukidsaidree.com
URL: https://kukidsaidree.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
294d10eeecc3f676fcb484a6ea55dda8eda37a3ef9818c780a4fa53cb4e445a4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
9a99471c0c5032ec94c47551baadaf1a
pragma
no-cache
date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://file.fan
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
kukidsaidree.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kukidsaidree.com/9?z=7276361&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&wy=110&wx=110&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=0080881afa4b456efc8dfc1e07cd4a5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://file.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://file.fan
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Thu, 27 Jun 2024 22:07:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
add
fleraprt.com/log/ 		12 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f0e42b5f-c177-4d1d-aa37-93f80dc6b19f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 27 Jun 2024 22:07:22 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://file.fan
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
11
kukidsaidree.com/ 		0
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kukidsaidree.com/11?rnd=367438249&z=7276361&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=yGvoWawgAb4s4gq4ggXeFaNBNTbp0jRZzNvuBrM4NXrdyciuoHYnJZyQlIVPpoQIHgcXZ7a2xgPJn4Jsd4cSUpPbmad0RvM4DPajcCYiLGvYKxm3LEQPtAEe2A89s6pSfN75e1B5UNLDreABv3tSVqHt4DrqFLL8LI5OrxdzWW_oToDpysmsUjIstfFUsbM7eTMfgKybSjLlJiSZ3f47kWUrMJ2MLEsMwgPhJGZkGgDn-_IluCp3oqvqZW6d8difqCeh_H4kpGNgg3EY6yuQdWNx3BzxJJa9t3KQLTW-Hg8OVhYUjyRH-3qoMGg=&ruid=02c3c6bc-41fb-4a6c-9970-e44cfee72f5e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&wy=110&wx=110&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&os=win32&os_version=10.0.0&browser_version=126.0.6478.126&ot=128
Requested by
Host: kukidsaidree.com
URL: https://kukidsaidree.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
1a5e2e374d47e4ca83c4a7a8f6a3750e
pragma
no-cache
date
Thu, 27 Jun 2024 22:07:22 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://file.fan
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
7276360
soathoth.com/500/ 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://soathoth.com/500/7276360?excludes=&oaid=0080881afa4b456efc8dfc1e07cd4a5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=110&wy=110&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&js_build=8&sw_version=v1.349.1
Requested by
Host: soathoth.com
URL: https://soathoth.com/400/7276360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
cfe542e21742f002b2acb23c955875fb
pragma
no-cache
date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
access-control-allow-origin
https://file.fan
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
7276360
soathoth.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://soathoth.com/500/7276360?excludes=&oaid=0080881afa4b456efc8dfc1e07cd4a5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=110&wy=110&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&js_build=8&sw_version=v1.349.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://file.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://file.fan
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Thu, 27 Jun 2024 22:07:22 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
/
interstitial-08.com/ Frame 240D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fkukidsaidree.com%2F12%3Frnd%3D3423784323%26z%3D7276361%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyGvoWawgAb4s4gq4ggXeFaNBNTbp0jRZzNvuBrM4NXrdyciuoHYnJZyQlIVPpoQIHgcXZ7a2xgPJn4Jsd4cSUpPbmad0RvM4DPajcCYiLGvYKxm3LEQPtAEe2A89s6pSfN75e1B5UNLDreABv3tSVqHt4DrqFLL8LI5OrxdzWW_oToDpysmsUjIstfFUsbM7eTMfgKybSjLlJiSZ3f47kWUrMJ2MLEsMwgPhJGZkGgDn-_IluCp3oqvqZW6d8difqCeh_H4kpGNgg3EY6yuQdWNx3BzxJJa9t3KQLTW-Hg8OVhYUjyRH-3qoMGg%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D02c3c6bc-41fb-4a6c-9970-e44cfee72f5e%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ffile.fan%252F3813e1da0f904a05%26wy%3D110%26wx%3D110%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26tbc%3D1
Requested by
Host: kukidsaidree.com
URL: https://kukidsaidree.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://file.fan/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 22:07:22 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
custom
moonoafy.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://file.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://file.fan
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 27 Jun 2024 22:07:22 GMT
server
nginx
custom
moonoafy.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://file.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://file.fan
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 27 Jun 2024 22:07:22 GMT
server
nginx
custom
moonoafy.net/ 		39 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/custom
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.fan
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
custom
moonoafy.net/ 		39 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/custom
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.fan
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
sw.js
file.fan/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://file.fan/sw.js
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fe481bc98aec6101675af29d1220f3ed1c9f296792583a3c150d3108b3a7ac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/3813e1da0f904a05
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 18:16:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66046288-1474"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JE41usMoW72mg4SQ6P2o9u2%2BRZcBciryxZqmJ4ojCMRb%2BtoYRF%2FLMArQVkm1rxwYtrMK%2B2w7d7XrkmJYwLz8BK%2FuZVVj5jEz0t%2Bhzp%2BGPpDxTlnMOxstls37bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89a8bfe6291a667f-AMS
alt-svc
h3=":443"; ma=86400
7276362
shoordaird.com/500/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://shoordaird.com/500/7276362?excludes=&oaid=0080881afa4b456efc8dfc1e07cd4a5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=110&wy=110&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&js_build=8&sw_version=v1.349.1
Requested by
Host: shoordaird.com
URL: https://shoordaird.com/401/7276362
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f309ed3f4aa6c29a8e82811b194f31fd0976da3d50be119bdc8be49d166207f4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
81063f0d738cd9506d62d6c43d2c22c3
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://file.fan
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
7276362
shoordaird.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shoordaird.com/500/7276362?excludes=&oaid=0080881afa4b456efc8dfc1e07cd4a5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=110&wy=110&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Ffile.fan%2F3813e1da0f904a05&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&js_build=8&sw_version=v1.349.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://file.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://file.fan
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Thu, 27 Jun 2024 22:07:22 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
custom
moonoafy.net/ 		39 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://moonoafy.net/custom
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.fan
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
c
c.adskeeper.com/ 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|I2jxei5Wj6gXlVtLVyRTfkmOMf-Yqk_KFDJ6cg4TECqDOJMojuRR8ez7o58DNCiRpRWsIMgWcPyULdWITvZGWo35gJH1u18bfyuwk_hngQs*&cid=1605225&f=1&h2=hivDUb_g1du7or-JgaA8tMBE2jaiK1qq8RJq43zft0uw3l43Dy6wVwIccUKw8vqu&rid=z7276362zb11875684bcNLcp1ph2024062717h&psid=7276362
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:22 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
b2a6cf21-8d77-43c2-a12f-56599435e4c2
server
cloudflare
content-type
image/gif
cf-ray
89a8bfe88f659ff8-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
gid.js
my.rtmark.net/ 		65 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=f051ab98e94a4e119ca04cc33d7edc2c&zoneId=7276363&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: file.fan
URL: https://file.fan/3813e1da0f904a05
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a1e6cb080b1d6777fd6ad5ca5882eb0e1948dae1f3674a9c3e217dd7a6427e45
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://file.fan/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:07:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.fan
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage boolean| LOGGED_IN object| atOptions function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded function| Picker function| Granim object| smoothScroll object| mr function| mrFormsCaptchaInit number| seconds boolean| started function| display function| triggerFreeDownload object| zfgstorage object| 5bxjpot6ueu object| zfgformats function| onClickTrigger boolean| zfgonclickfirst object| syncCallbacks boolean| zfgloadedpopup object| regeneratorRuntime boolean| zfgloadednative boolean| __lwkemfd9q__ object| webpushlogs object| sdk function| _retranber object| __ds3dcV__ object| _nps boolean| installOnFly number| __qwe33wweq__ boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode

11 Cookies

Domain/Path Name / Value
file.fan/ Name: filehosting
Value: 37mjml9oshest0ootjbfsmh51t
my.rtmark.net/ Name: ID
Value: 0080881afa4b456efc8dfc1e07cd4a5a
file.fan/ Name: prefetchAd_7276359
Value: true
kukidsaidree.com/ Name: scm
Value: 1
kukidsaidree.com/ Name: oaidts
Value: 1719526042
veepteero.com/ Name: OAID
Value: 0080881afa4b456efc8dfc1e07cd4a5a
veepteero.com/ Name: oaidts
Value: 1719526042
veepteero.com/ Name: syncedCookie
Value: true
kukidsaidree.com/ Name: OAID
Value: 0080881afa4b456efc8dfc1e07cd4a5a
soathoth.com/ Name: OAID
Value: 0080881afa4b456efc8dfc1e07cd4a5a
shoordaird.com/ Name: OAID
Value: 0080881afa4b456efc8dfc1e07cd4a5a

8 Console Messages

Source Level URL
Text
javascript warning URL: https://file.fan/3813e1da0f904a05(Line 114)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://file.fan/3813e1da0f904a05(Line 114)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://file.fan/3813e1da0f904a05(Line 266)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://file.fan/3813e1da0f904a05(Line 266)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.topcreativeformat.com/a5b515ab9d0858679d98fe8c9af33ac8/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://pl22904797.profitablegatecpm.com/fe/cd/0f/fecd0f4417f9b4fdabf946c710b0dfde.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://pl22905469.profitablegatecpm.com/5f/1a/58/5f1a5877141acfa140e676635a29c8de.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alwingulla.com
c.adskeeper.com
file.fan
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
interstitial-08.com
kukidsaidree.com
moonoafy.net
my.rtmark.net
pl22904797.profitablegatecpm.com
pl22905469.profitablegatecpm.com
shoordaird.com
soathoth.com
tzegilo.com
veepteero.com
www.topcreativeformat.com
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.242
139.45.197.244
139.45.197.250
172.240.108.68
172.240.127.234
172.64.152.106
172.67.193.52
188.114.96.3
188.114.97.3
192.243.59.12
2a00:1450:4001:802::200a
2a00:1450:4001:829::2003
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
14fe481bc98aec6101675af29d1220f3ed1c9f296792583a3c150d3108b3a7ac
1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
1e74353ed9b68a06d2b3764001b97c47acd16333b5c3640b8ed75402d75307a9
2076937d31897f7b8554840f8dde3661e3fb526155f8f2f0fb1ce3dfcc284d05
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
28f6cd9f984a78d6a8e072d240a28c50e2468ec500fd1935b90754d99493dd44
294d10eeecc3f676fcb484a6ea55dda8eda37a3ef9818c780a4fa53cb4e445a4
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
315f1099a6bd5fe242173f80275a644d3c523f3833e0fc12645c65621bf33e69
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37d1086e46f6a3da9353808d9c4deeb276433aaea3f6c5fad20958f8ec9d3c8b
3a48192b001f55fd65a6bf490a2b81c0f53ce3c35d8ab84e40126789e6a7d8e5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
50954e9a93d9b9e97ead0e8905024d4116f0f15f7b468bdaf0091be744e513cc
55185b5f2b7dac76a5f3932a27418b24b7e21808e7ab81c8e050b60b85e86d3c
55d9a9f3965fa8c9d7ac125fb53798ebe9a8494be560cd583ce9003aeb5b2ba9
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
6d6a458d39eb05b4602aa62a6660bdeddcfdbe3a9012fdcf8278227604953871
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a
8bc6ab8f039dcfa60f666f7be9fdbb2fce95af5573272be8a44f57702e4a8987
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
90c34a3c0036c2c9dad40963f29a76e53a54d2fb6010a54f4a797699d7674b0b
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
a1e6cb080b1d6777fd6ad5ca5882eb0e1948dae1f3674a9c3e217dd7a6427e45
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
dbe98b73866341078c596a42b87af67c03a79cf591d02467842939ce0848a55d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
ee57951709489c769b5ffe52c3bca5264caa967c841fda185e572f668e475ceb
f309ed3f4aa6c29a8e82811b194f31fd0976da3d50be119bdc8be49d166207f4
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881