urlscan.io logo urlscan.io
SecurityTrails logo

storiesdown.fun Open in urlscan Pro
2606:4700:3030::ac43:ccb8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://storiesdown.fun/
Effective URL: https://storiesdown.fun/
Submission: On May 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3030::ac43:ccb8, located in United States and belongs to CLOUDFLARENET, US. The main domain is storiesdown.fun.
TLS certificate: Issued by GTS CA 1P5 on May 12th 2024. Valid for: 3 months.
This is the only time storiesdown.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 172.217.16.194 15169 (GOOGLE)
3 172.67.138.88 13335 (CLOUDFLAR...)
2 172.67.204.184 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 13238 (YANDEX)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
32 10
4    2606:4700:3030::ac43:ccb8 (United States)

ASN13335 (CLOUDFLARENET, US)
storiesdown.fun
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
pagead2.googlesyndication.com
3    172.67.138.88 (United States)

ASN13335 (CLOUDFLARENET, US)
shynet.misterpah.com
2    172.67.204.184 (United States)

ASN13335 (CLOUDFLARENET, US)
storiesdown.fun
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
209 KB
6 storiesdown.fun
storiesdown.fun
16 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9603
4 KB
3 misterpah.com
shynet.misterpah.com
2 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4550
73 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
173 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
254 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
32 8
Domain Requested by
12 pagead2.googlesyndication.com storiesdown.fun
pagead2.googlesyndication.com
6 storiesdown.fun storiesdown.fun
5 mc.yandex.com 2 redirects storiesdown.fun
3 shynet.misterpah.com storiesdown.fun
shynet.misterpah.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 mc.yandex.ru 1 redirects storiesdown.fun
2 www.googletagmanager.com storiesdown.fun
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com storiesdown.fun
32 9

This site contains no links.

Subject Issuer Validity Valid
storiesdown.fun
GTS CA 1P5		 2024-05-12 -
2024-08-10		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
misterpah.com
GTS CA 1P5		 2024-04-14 -
2024-07-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://storiesdown.fun/
Frame ID: 2F7F24F2671A1FBBCAFC78630125E25A
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html
Frame ID: 5EC1A46ADBEE2DA0DC8A18F034F5E6CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1715719724&plat=1%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fstoriesdown.fun%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719724677&bpp=3&bdt=414&idt=181&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6690676962417&frm=20&pv=2&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=194
Frame ID: 1F014DA8F9028F5986935833DDC348D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1524871759~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=-M&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3
Frame ID: BC6F75D9655FCBC2FE577222AD8A089E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1524948741~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=-M&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=9
Frame ID: D5EF92991F6681892A8AF25BCFD56633
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1524947740~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=-M&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Frame ID: 35B3124D5C2D11AC56C66423D070EC05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.85842727~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=0&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=22
Frame ID: 47AF4BA1CDE69083956E17ADAB1056F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FCB916D196274022E70CC81D156FE62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

StorySaver — Anonymous Insta Story Viewer

Page URL History Show full URLs

  1. http://storiesdown.fun/ HTTP 307
    https://storiesdown.fun/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

32
Requests

91 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

477 kB
Transfer

1376 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://storiesdown.fun/ HTTP 307
    https://storiesdown.fun/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10369.MpUi8UfY1Ii8ZN2nv65pEr_XEQluzk0-btO4cf059f8m_Z1yJD9CJOBNXqKAstmL.q-39atgnpprQTkO774XS6Ysp9oM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10369.kfAB-KFjqgVGDLF4VKJaecnyOXEI2YM8ZXhGgKLaX6Srmgss4ntayxXG7RIvJWJ5Hpqw6f1oufEzqfhHSdNYl9V4-pouJ88g8mvTt-n29GT8AZG2t9xskwr3y1jtqD31ZEA0h_eW4_9Mi0UzUE2sfDaC5bb3sZEOgSUPWUQNpfO2FLjeIsGPWr1-Vxsn8hAZy3Bpk33fkzdxKDTD61p-VB4ISDA6AUJ9fRm0EluZoKQ%2C.kbf5wJhL4EeOInnwR1GJqxtJTBM%2C
Request Chain 22
  • https://mc.yandex.com/watch/96737528?wmode=7&page-url=https%3A%2F%2Fstoriesdown.fun%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1696809596557%3Ahid%3A236228839%3Az%3A120%3Ai%3A20240514224845%3Aet%3A1715719725%3Ac%3A1%3Arn%3A294335298%3Arqn%3A1%3Au%3A1715719725670399009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A615%3Awv%3A2%3Ads%3A0%2C89%2C192%2C54%2C1%2C0%2C%2C224%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1715719723957%3Agi%3AR0ExLjEuMTQ0MDkwNjEwMC4xNzE1NzE5NzI1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715719725%3At%3AStorySaver%20%E2%80%94%20Anonymous%20Insta%20Story%20Viewer&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96737528/1?wmode=7&page-url=https%3A%2F%2Fstoriesdown.fun%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1696809596557%3Ahid%3A236228839%3Az%3A120%3Ai%3A20240514224845%3Aet%3A1715719725%3Ac%3A1%3Arn%3A294335298%3Arqn%3A1%3Au%3A1715719725670399009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A615%3Awv%3A2%3Ads%3A0%2C89%2C192%2C54%2C1%2C0%2C%2C224%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1715719723957%3Agi%3AR0ExLjEuMTQ0MDkwNjEwMC4xNzE1NzE5NzI1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715719725%3At%3AStorySaver%20%E2%80%94%20Anonymous%20Insta%20Story%20Viewer&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
storiesdown.fun/
Redirect Chain
  • http://storiesdown.fun/
  • https://storiesdown.fun/
28 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:ccb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ebb9bf9bdeba8567853cbb2926575224bb4ae859a3254043414669a55ce933
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM webvisor.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
DYNAMIC
cf-ray
883dc03388339b31-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 20:48:44 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
feature-policy
geolocation 'none'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJ7xwx1A4z7JQ6ybPbzUK%2B13nzq%2BA7jJqkBcEBzNjkRRNJeazQD4VH5ulCLk%2FEGwwMvCbL7p4YAhGx1SVS5gfYn218A7YqGrszQXzbk%2FkpwgDfovxBmFa6YkCsBFE148zaihPb4DVsukYbhXlAQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31556926; includeSubDomains
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM webvisor.com
x-xss-protection
1; mode=block

Redirect headers

Location
https://storiesdown.fun/
Non-Authoritative-Reason
HttpsUpgrades
styles.css
storiesdown.fun/assets/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storiesdown.fun/assets/styles.css
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:ccb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6036edafe78771d0228095f13434bdba0ce39e292ca1ba21e071d4ee86f2ca77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM webvisor.com
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://storiesdown.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 30 Mar 2024 14:00:49 GMT
server
cloudflare
etag
W/"66081b11-2769"
x-frame-options
ALLOW-FROM webvisor.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPKxSW87d11fspmeCg8PsJGw58xeKu9GI%2FbdHxjVyIUEAgmbsloVsROFd3OTtPxSIqHH75xitCVD8QwkEzvLUCeONfd6v9yI%2BsVtFJaWXO4gu0UgDODefO9ElJlXKnPTeg4mSfDAOkh72%2Fsm33w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
883dc034c9429b31-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400&display=swap&subset=cyrillic
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9b50ec9ef83d1f48b979dff1d18403586c56f14ea2c5ae02c29ac83bb0b1144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 20:48:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 20:48:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
7971ed3967d0a9d35984fe8c2475702206d21e7044a236d0189e771b75109752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52002
x-xss-protection
0
server
cafe
etag
18337889248564708609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 14 May 2024 20:48:44 GMT
script.js
shynet.misterpah.com/ingress/7f0d2d17-1f31-4ce1-922b-aa0a582b0c49/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shynet.misterpah.com/ingress/7f0d2d17-1f31-4ce1-922b-aa0a582b0c49/script.js
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdd0c362c6a8de0ba8a279cf3cd6d9fddb80eae17931f3e404280b0294722b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Mon, 13 May 2024 20:05:47 GMT
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
GET,HEAD,OPTIONS,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGPRSet50sHcLnTAI%2FcoaSLHA0mXV4VWfm1SiFlZ1QKLzrwwL1D71fkBbo6uO%2BGS9bzg3jXVwB%2FjCX6Y9wE5rqMhKKVsls%2F36irraTS50yDHNKJ9vtuMKFnZa30gvjNIrgfOA2G4jg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
vary
Accept-Encoding
cf-ray
883dc03658ed9143-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Referer
/
storiesdown.fun/app/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://storiesdown.fun/app/
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://storiesdown.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tuesday, 14-May-2024 20:48:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSRFSS8MzYunu9QfCMN52PsIbTijr4ccgflA3AXKp%2FLV9kAvxskTr%2FGuFObe4cftzMIEj%2BHp1PnBAbZ7oLSlwgNapNA51sSYvLnIUYunro5l1HRkpbUEDdeHBL9A9epak8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex, nofollow, nosnippet, noarchive
cf-ray
883dc035fe8b5d8a-FRA
alt-svc
h3=":443"; ma=86400
scripts.js
storiesdown.fun/assets/js/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://storiesdown.fun/assets/js/scripts.js
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:ccb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM webvisor.com
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://storiesdown.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 30 Mar 2024 14:00:49 GMT
server
cloudflare
etag
W/"66081b11-6db"
x-frame-options
ALLOW-FROM webvisor.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lw1Bsd9eYomnZPo0Yk104xLtVOTj%2BHEL2L%2B4oUeO3yIOFMShuyr0m1%2Fu4alY%2BIQ8CvbiUXWGmulh5Qg34J2Qqg0I213zROoMkvB72nYZJPk8vDdAZLTjPsoVBnNwu1p9ZardugClyu7q4aOBAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
883dc035097e9b31-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
storiesdown.fun/assets/js/ 		2 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storiesdown.fun/assets/js/scripts.js
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:ccb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c64a56f7c3681e67181e9bb6ec8d56a4f177c0c7c53268bcef026aa5ab23e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM webvisor.com
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://storiesdown.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 30 Mar 2024 14:00:49 GMT
server
cloudflare
etag
W/"66081b11-6db"
x-frame-options
ALLOW-FROM webvisor.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lw1Bsd9eYomnZPo0Yk104xLtVOTj%2BHEL2L%2B4oUeO3yIOFMShuyr0m1%2Fu4alY%2BIQ8CvbiUXWGmulh5Qg34J2Qqg0I213zROoMkvB72nYZJPk8vDdAZLTjPsoVBnNwu1p9ZardugClyu7q4aOBAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
883dc035097e9b31-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DQVNZ6Z
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
433f89204f59144626201646e11db184de74f035449bf17b2a453bfaaafe085a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74759
x-xss-protection
0
last-modified
Tue, 14 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 20:48:44 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/ 		412 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e67c2040d51b0ee01ac0c69316e6737232c493469ca8841e50c9391650979a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142568
x-xss-protection
0
server
cafe
etag
10397679994587454543
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 May 2024 20:48:44 GMT
js
www.googletagmanager.com/gtag/ 		302 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D3Z2DT3587&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DQVNZ6Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14345ad488fa078c6d600f2eaab56b959f42e47e35db86cad518f2b900a65325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102282
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 20:48:44 GMT
tag.js
mc.yandex.ru/metrika/ 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 14 May 2024 12:07:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664353eb-11f0d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
73485
expires
Tue, 14 May 2024 21:48:44 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D3Z2DT3587&gtm=45je45d0v9180135348z89180132724za200&_p=1715719724452&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1440906100.1715719725&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715719724&sct=1&seg=0&dl=https%3A%2F%2Fstoriesdown.fun%2F&dt=StorySaver%20%E2%80%94%20Anonymous%20Insta%20Story%20Viewer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=894
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D3Z2DT3587&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 20:48:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://storiesdown.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/ Frame 5EC1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
24240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 14:04:45 GMT
etag
5035419970550746386
expires
Tue, 28 May 2024 14:04:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 1F01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1715719724&plat=1%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fstoriesdown.fun%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719724677&bpp=3&bdt=414&idt=181&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6690676962417&frm=20&pv=2&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=194
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
5764
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 20:48:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie_notification&cls=cookie_notification%20show&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 20:48:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10369.MpUi8UfY1Ii8ZN2nv65pEr_XEQluzk0-btO4cf059f8m_Z1yJD9CJOBNXqKAstmL.q-39atgnpprQTkO774XS6Ysp9oM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10369.kfAB-KFjqgVGDLF4VKJaecnyOXEI2YM8ZXhGgKLaX6Srmgss4ntayxXG7RIvJWJ5Hpqw6f1oufEzqfhHSdNYl9V4-pouJ88g8mvTt-n29GT8AZG2t9xskwr3y1jtqD31ZEA0h_eW4_...
43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10369.kfAB-KFjqgVGDLF4VKJaecnyOXEI2YM8ZXhGgKLaX6Srmgss4ntayxXG7RIvJWJ5Hpqw6f1oufEzqfhHSdNYl9V4-pouJ88g8mvTt-n29GT8AZG2t9xskwr3y1jtqD31ZEA0h_eW4_9Mi0UzUE2sfDaC5bb3sZEOgSUPWUQNpfO2FLjeIsGPWr1-Vxsn8hAZy3Bpk33fkzdxKDTD61p-VB4ISDA6AUJ9fRm0EluZoKQ%2C.kbf5wJhL4EeOInnwR1GJqxtJTBM%2C
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 14 May 2024 20:48:45 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10369.kfAB-KFjqgVGDLF4VKJaecnyOXEI2YM8ZXhGgKLaX6Srmgss4ntayxXG7RIvJWJ5Hpqw6f1oufEzqfhHSdNYl9V4-pouJ88g8mvTt-n29GT8AZG2t9xskwr3y1jtqD31ZEA0h_eW4_9Mi0UzUE2sfDaC5bb3sZEOgSUPWUQNpfO2FLjeIsGPWr1-Vxsn8hAZy3Bpk33fkzdxKDTD61p-VB4ISDA6AUJ9fRm0EluZoKQ%2C.kbf5wJhL4EeOInnwR1GJqxtJTBM%2C
date
Tue, 14 May 2024 20:48:45 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 May 2024 12:07:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664353eb-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 14 May 2024 21:48:45 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame BC6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1524871759~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=-M&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 20:48:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame D5EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1524948741~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=-M&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
306
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 20:48:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 35B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1524947740~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=-M&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 20:48:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 47AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5616127056097007&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.85842727~rp.4&w=1200&abgtt=1&fwrn=4&fwrnh=100&lmt=1715719725&rafmt=1&to=qs&pwprc=8743583978&format=1200x280&url=https%3A%2F%2Fstoriesdown.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715719725431&bpp=1&bdt=1169&idt=0&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6690676962417&frm=20&pv=1&ga_vid=1440906100.1715719725&ga_sid=1715719725&ga_hid=1991750937&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083637%2C31083638%2C44795921%2C95329729%2C95331983%2C95331711%2C95332416&oid=2&pvsid=3172579563478621&tmod=325904600&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 20:48:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42532561&hl=en&pvc=3172579563478621
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 20:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/96737528/
Redirect Chain
  • https://mc.yandex.com/watch/96737528?wmode=7&page-url=https%3A%2F%2Fstoriesdown.fun%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromiu...
  • https://mc.yandex.com/watch/96737528/1?wmode=7&page-url=https%3A%2F%2Fstoriesdown.fun%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chrom...
447 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96737528/1?wmode=7&page-url=https%3A%2F%2Fstoriesdown.fun%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1696809596557%3Ahid%3A236228839%3Az%3A120%3Ai%3A20240514224845%3Aet%3A1715719725%3Ac%3A1%3Arn%3A294335298%3Arqn%3A1%3Au%3A1715719725670399009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A615%3Awv%3A2%3Ads%3A0%2C89%2C192%2C54%2C1%2C0%2C%2C224%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1715719723957%3Agi%3AR0ExLjEuMTQ0MDkwNjEwMC4xNzE1NzE5NzI1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715719725%3At%3AStorySaver%20%E2%80%94%20Anonymous%20Insta%20Story%20Viewer&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
Requested by
Host: storiesdown.fun
URL: https://storiesdown.fun/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e7c9effea034c7d8c349afe72647170d6b3d3d2dc065b1f6200240619a2db65e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 20:48:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 14-May-2024 20:48:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://storiesdown.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 20:48:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 20:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-May-2024 20:48:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96737528/1?wmode=7&page-url=https%3A%2F%2Fstoriesdown.fun%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1696809596557%3Ahid%3A236228839%3Az%3A120%3Ai%3A20240514224845%3Aet%3A1715719725%3Ac%3A1%3Arn%3A294335298%3Arqn%3A1%3Au%3A1715719725670399009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A615%3Awv%3A2%3Ads%3A0%2C89%2C192%2C54%2C1%2C0%2C%2C224%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1715719723957%3Agi%3AR0ExLjEuMTQ0MDkwNjEwMC4xNzE1NzE5NzI1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715719725%3At%3AStorySaver%20%E2%80%94%20Anonymous%20Insta%20Story%20Viewer&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin
https://storiesdown.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 20:48:45 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
script.js
shynet.misterpah.com/ingress/7f0d2d17-1f31-4ce1-922b-aa0a582b0c49/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shynet.misterpah.com/ingress/7f0d2d17-1f31-4ce1-922b-aa0a582b0c49/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://storiesdown.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Referer
access-control-allow-methods
GET,HEAD,OPTIONS,POST
access-control-allow-origin
*
allow
GET, POST, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
883dc03ddc15bbe3-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 20:48:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7tzTw0%2FE02821Hw9CZTSyX6fxs%2FjtrjLIXgpjjvM7h79Nbx8UFDBBQTLHuA3ByNxNX0Lrf%2FyI6kFIvAXX%2FoFhi1bE9QKBBz83JjVh84InqxJDKFiJmjv42sJ52ZcovG2XwvmI%2Fk0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
script.js
shynet.misterpah.com/ingress/7f0d2d17-1f31-4ce1-922b-aa0a582b0c49/ 		16 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shynet.misterpah.com/ingress/7f0d2d17-1f31-4ce1-922b-aa0a582b0c49/script.js
Requested by
Host: shynet.misterpah.com
URL: https://shynet.misterpah.com/ingress/7f0d2d17-1f31-4ce1-922b-aa0a582b0c49/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1940c2dfeffce4d29a89fe68aca6bf9b111771fe66829d5fbe238d49f3f0342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 May 2024 20:48:46 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
GET,HEAD,OPTIONS,POST
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brPV54UDipFAYkeQFehz1vLhUrav9pN2Szdak6OJ%2B2Qpxi95l7J7yfEqG%2F9Bg6wMolztLSvV3y7UazJWp7fEO5cpovBGRvG2kBSspoaK1VrbpfcBBjytwaz5t68TtmWVIkm16S5eYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
883dc0409fe1bbe3-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Referer
content-length
16
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
c288c46322099bab5ec806df4cd64ccd3cc04dc90811618bafdc9a3f7cb8ce90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12452
x-xss-protection
0
favicon.ico
storiesdown.fun/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://storiesdown.fun/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55befdd8bd940fcf080ba3ab5925101731685254ea08132d72130caa72f0d8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM webvisor.com
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://storiesdown.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
459692
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 30 Mar 2024 14:00:49 GMT
server
cloudflare
etag
W/"66081b11-3aee"
x-frame-options
ALLOW-FROM webvisor.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvtoeTfttAU0a6tLKGKZQoDRB76CWrS0Nuu7eJMyemQUGc7Tm8xDHJHwHQplHW%2FHsU%2B3XrUBVcLzzBaOjzHnANmJfvOo5t9eaX1ZJySxmtr6oEslFjwQIcyNlay5aLohjSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
883dc037a82b5d8a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5616127056097007&plah=storiesdown.fun&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 20:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 May 2024 20:48:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
30478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 12:20:48 GMT
expires
Wed, 14 May 2025 12:20:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240509&jk=3172579563478621&bg=!hoWlhcrNAAbZcyKb-XM7ADQBe5WfOKN3U_gMVs5XJ9S8ihp6X1NJsKEb-bP4g7xepl3TJq-v5BSWISxMFNukdXwQIB7OAgAAAFhSAAAAAmgBB34ANcH68TyWuSZRXcOefksMM1CbtEpSZaH7y8oZl05Qk2WjrLeslER3ESjt_wOtKYNjnvMT1hsjmQKb4UHvY9GftgRj8sCPBZCUDWR11xtrXwhfAcmHlFDbfuZLQLdNto3viXqRwR2chL55j382H8c5k0beKgI2h6eLyRESvj8k8U1soPSHjBZvCSH9WzZ9Fkqdl1UhYTWhwfVPMs1E92dmizv_uGp22icmVGQQoACNu3xqWEzAGxZS4-qeRbVoNU1bIDsLLQtneaaXgH5Ed0z0dcrVF-x8MMzC1_JsF_FUNr62GuqBCJf_RNDhrQXxe12cj5BSIouqqXFtQkcgzkd9bk_WzvWDrj29_GLqdTrr96woOIFAY2ll9jyVTU-NdFbrbe77wD1HgpsDRaI9jD8jeQaI9P0HzYe1S1Qy5FbjC2zHt9k_0elcx8CEfKNxK-lZCFm6xjWuZX3YsjCnyhH9sngQ8xBFJD4zPvS1w4_0LRWFTuWmuXlP9DeOGFyqYN-nHK-gtO4ij3BpwvCrwdljA10A0UC96Z3KibZ4PYD0GWa5YSrsqeXX0UZ5ypM-rnDlzbyZ-UsgNvJMOYtML13CHBbfseVpPBzzbBhy3x10pyZV-vnli7LM7OGApNgy9cf623JXypGg64sCuw5a6s331FI2cPj_vkpZcvqtsLAsmio3cKhwjbnqbtC2qYTgVmY8h_iK99-clxRmUHtp0BoW0sAed42-DYcft4iOdcjlswG2lW2CiyG-52wTpju1ksRqAn9JvBAM3BjVVVFY-IM71KSN6PuBC-QJXdo0jvZXkV9MgmlNnbENlyA-1sqn32yjC86w0hW358yKfn9fDpmP-Z2nk7ahsPxeFazmcQ_yQYDezMYBVfHOcUFDe8rpEX-ZCiybcOnfm8XuMFjVmV1269G3enDMDW2UYA6AgW-dyw0YZKUIA7bpXUKKQ5pj5HBWL02DBQ

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer object| adsbygoogle function| checkCookies object| input object| submitBtn string| username function| submitClick function| noselect function| catchControlKeys object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| ym number| width boolean| SpySureOnlineEnable boolean| payopFirst number| setActivity60sec boolean| paypalEnable string| fakestoryImg1 string| fakestoryImg2 string| fakestoryImg3 string| fakestoryLink object| Shynet function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter96737528 object| googTempStyleOverrideInfo object| googNavStack function| Activity60sec number| loop number| testPeriod number| watchEvery object| counter number| eventFlag number| timerHand object| GoogleGcLKhOms

25 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
yandex.ru/ Name: bh
Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.storiesdown.fun/ Name: _ga_D3Z2DT3587
Value: GS1.1.1715719724.1.0.1715719724.0.0.0
.storiesdown.fun/ Name: _ga
Value: GA1.1.1440906100.1715719725
.yandex.ru/ Name: i
Value: /6xwHRXnYf7jyJp68jwaCU8AnAZdPHAU+iG8d8TkBn9SfqtFJVeECe26ehaV0uUycWwokRarG6aCFFz/vdjiZIAgOec=
.yandex.ru/ Name: yandexuid
Value: 2118897681715719724
.yandex.ru/ Name: yashr
Value: 5953511431715719724
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.storiesdown.fun/ Name: _ym_uid
Value: 1715719725670399009
.storiesdown.fun/ Name: _ym_d
Value: 1715719725
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2653420367fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: yashr
Value: 7967316481715719725
.storiesdown.fun/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1239333049fake
.yandex.com/ Name: yandexuid
Value: 2118897681715719724
.yandex.com/ Name: yuidss
Value: 2118897681715719724
.yandex.com/ Name: i
Value: /6xwHRXnYf7jyJp68jwaCU8AnAZdPHAU+iG8d8TkBn9SfqtFJVeECe26ehaV0uUycWwokRarG6aCFFz/vdjiZIAgOec=
.yandex.com/ Name: yp
Value: 1715806125.yu.9127736621715719725
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 2569513311715719725
.yandex.com/ Name: ymex
Value: 1718311725.oyu.9127736621715719725#1747255725.yrts.1715719725
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI0IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI0IhoFIng4NiIiECIxMjQuMC42MzY3LjIwMSIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJcIkNocm9taXVtIjt2PSIxMjQuMC42MzY3LjIwMSIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNC4wLjYzNjcuMjAxIiwiTm90LUEuQnJhbmQiO3Y9Ijk5LjAuMC4wIiI=
.storiesdown.fun/ Name: __eoi
Value: ID=065736a6d44cb852:T=1715719725:RT=1715719725:S=AA-AfjbDTgZg7yKnlYFfqd-HGY0T

53 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other warning URL: https://storiesdown.fun/
Message:
<link rel=preload> uses an unsupported `as` value
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://storiesdown.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM webvisor.com
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
region1.google-analytics.com
shynet.misterpah.com
storiesdown.fun
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
172.217.16.194
172.67.138.88
172.67.204.184
2001:4860:4802:34::36
2606:4700:3030::ac43:ccb8
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a02:6b8::1:119
14345ad488fa078c6d600f2eaab56b959f42e47e35db86cad518f2b900a65325
38ebb9bf9bdeba8567853cbb2926575224bb4ae859a3254043414669a55ce933
433f89204f59144626201646e11db184de74f035449bf17b2a453bfaaafe085a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55befdd8bd940fcf080ba3ab5925101731685254ea08132d72130caa72f0d8da
6036edafe78771d0228095f13434bdba0ce39e292ca1ba21e071d4ee86f2ca77
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7971ed3967d0a9d35984fe8c2475702206d21e7044a236d0189e771b75109752
aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4
b9b50ec9ef83d1f48b979dff1d18403586c56f14ea2c5ae02c29ac83bb0b1144
c288c46322099bab5ec806df4cd64ccd3cc04dc90811618bafdc9a3f7cb8ce90
ccdd0c362c6a8de0ba8a279cf3cd6d9fddb80eae17931f3e404280b0294722b1
d1940c2dfeffce4d29a89fe68aca6bf9b111771fe66829d5fbe238d49f3f0342
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c64a56f7c3681e67181e9bb6ec8d56a4f177c0c7c53268bcef026aa5ab23e9
e67c2040d51b0ee01ac0c69316e6737232c493469ca8841e50c9391650979a59
e7c9effea034c7d8c349afe72647170d6b3d3d2dc065b1f6200240619a2db65e