afly.pro Open in urlscan Pro
2606:4700:3036::6818:70c3 Public Scan

URL:
https://afly.pro/6oS4
Submission: On September 10 via manual (September 10th 2020, 9:50:15 am UTC) from ES

Summary HTTP 69 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 69 HTTP transactions. The main IP is 2606:4700:3036::6818:70c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is afly.pro.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.

This is the only time afly.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3036::6818:70c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
5	139.45.197.194 139.45.197.194	9002 (RETN-AS) (RETN-AS)
1	217.182.11.204 217.182.11.204	16276 (OVH) (OVH)
1	51.68.161.27 51.68.161.27	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
6	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
6	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
13	104.108.145.205 104.108.145.205	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	139.45.197.193 139.45.197.193	9002 (RETN-AS) (RETN-AS)
7	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
3 4	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.139.80 104.19.139.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.196.102 139.45.196.102	9002 (RETN-AS) (RETN-AS)
69	25

4 2606:4700:3036::6818:70c3 (United States)

ASN13335 (CLOUDFLARENET, US)

afly.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.194 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.11.204 (France)

ASN16276 (OVH, FR)
PTR: ip204.ip-217-182-11.eu

eyefuneve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.161.27 (France)

ASN16276 (OVH, FR)
PTR: ip27.ip-51-68-161.eu

thetarhaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.108.145.205 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-205.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.193 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

181f5d08ee63f2a1d34615851e2cc18c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.133.78 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.139.80 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.102 (Ascension Island)

ASN9002 (RETN-AS, EU)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	307 KB
12	outbrain.com widgets.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	105 KB
6	googlesyndication.com 181f5d08ee63f2a1d34615851e2cc18c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	13 KB
6	doubleclick.net securepubads.g.doubleclick.net	113 KB
5	inpagepush.com inpagepush.com	28 KB
4	mgid.com 3 redirects c.mgid.com s-img.mgid.com	11 KB
4	afly.pro afly.pro	94 KB
3	google.com www.google.com adservice.google.com	890 B
2	steepto.com s-img.steepto.com	14 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	powerad.ai powerad.ai	23 KB
1	onstunkyr.com onstunkyr.com	482 B
1	google.cz adservice.google.cz	890 B
1	rtmark.net my.rtmark.net	766 B
1	gstatic.com www.gstatic.com	132 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	recaptcha.net www.recaptcha.net	947 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	thetarhaw.com thetarhaw.com	1 KB
1	eyefuneve.com eyefuneve.com	1 KB
1	googleapis.com fonts.googleapis.com	590 B
69	21

	Domain	Requested by
12	images.outbrainimg.com
6	widgets.outbrain.com	ajax.cloudflare.com widgets.outbrain.com afly.pro
6	securepubads.g.doubleclick.net	ajax.cloudflare.com securepubads.g.doubleclick.net
5	inpagepush.com	afly.pro inpagepush.com
4	mcdp-nydc1.outbrain.com	widgets.outbrain.com
4	afly.pro	afly.pro ajax.cloudflare.com
3	c.mgid.com	3 redirects
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	log.outbrainimg.com	widgets.outbrain.com
2	s-img.steepto.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.com	www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	powerad.ai	ajax.cloudflare.com powerad.ai
1	s-img.mgid.com
1	onstunkyr.com
1	mv.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	181f5d08ee63f2a1d34615851e2cc18c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.cz	securepubads.g.doubleclick.net
1	my.rtmark.net	inpagepush.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	www.gstatic.com	www.recaptcha.net
1	www.googletagmanager.com	ajax.cloudflare.com
1	www.recaptcha.net	ajax.cloudflare.com
1	ajax.cloudflare.com	afly.pro
1	thetarhaw.com	afly.pro
1	eyefuneve.com	afly.pro
1	fonts.googleapis.com	afly.pro
69	30

This site contains links to these domains. Also see Links.

Domain
afly.in
onroid.com
www.outbrain.com
go.babbel.com
www.your-health-today.com
www.harpersbazaar.com.sg
content.microfocus.com
opentech.page
trendingstock.today
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
eyefuneve.com Let's Encrypt Authority X3	`2020-07-20` - `2020-10-18`	3 months	crt.sh
thetarhaw.com Let's Encrypt Authority X3	`2020-07-20` - `2020-10-18`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
misc.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
powerad.ai Go Daddy Secure Certificate Authority - G2	`2019-11-10` - `2020-11-08`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-08-28` - `2020-11-26`	3 months	crt.sh
*.google.cz GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-25` - `2021-04-23`	8 months	crt.sh
onstunkyr.com Let's Encrypt Authority X3	`2020-07-15` - `2020-10-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://afly.pro/6oS4
Frame ID: CC8A7085D08858E4100EE6BE8A501C02
Requests: 61 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: B6B59488BD6A452674C041E91F343F7D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hZmx5LnBybzo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=normal&cb=bsojt84de7ag
Frame ID: EEEBEA95AD5EDE4A329586D70576C1AF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&cb=xpuunebq184x
Frame ID: 8B688537E0E0AC45AE225C0050FABE5C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 8DA329CC9FA94AF13C585F5CE4C6F6AB
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 2D85B44A3299D959DD5347B3E6E47134
Requests: 1 HTTP requests in this frame

Frame: https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp
Frame ID: DE755A1CB0F7C086DA3CB2D8C1B5B80E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

69
Requests

100 %
HTTPS

48 %
IPv6

21
Domains

30
Subdomains

25
IPs

5
Countries

903 kB
Transfer

2013 kB
Size

3
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://afly.in/

Search URL Search Domain Scan URL

URL: https://onroid.com/?utm_source=newsletter&utm_medium=email&utm_campaign=a
Title: Submit

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://go.babbel.com/v1/ob?bsc=engmag-beginwithbabbel2020-cd-global-xo-ob&btp=default&utm_source=Outbrain&utm_medium=CON&utm_content=$publisher_id$_$section_id$_00520c81a3bda27072b11aea32647fd45d_00eb1caad2718c478fee27b8269c2d12ab&ocid=$ob_click_id$&obOrigUrl=true
Title: Learning a new language in 2020? - This app gets you speaking in just 3 weeks Sponsored | Babbel

Search URL Search Domain Scan URL

URL: https://www.your-health-today.com/tinnitus_terminator?ob_click_id=$ob_click_id$&ac=Fabes_ES&ps=tinnitus_911_usa&prod_id=1301&pli=0036db9d48acd10a6c87cf1c038319ee6a&ci=00992cbb419cda5163e7753fe5ee158c17&si=$section_id$&pi=$publisher_id$&pn=$publisher_name$&cn=charly25mayo-tinnitus911-c-1-c-2-c-10-d-1_d_6&sn=$section_name$&obOrigUrl=true
Title: Surgeon: Tinnitus? When The Ringing Won't Stop, Do This (Watch) Sponsored | www.your-health-today.com

Search URL Search Domain Scan URL

URL: https://www.your-health-today.com/prostate?ob_click_id=$ob_click_id$&ac=Pote&ps=prostate-911-mg-desk_1594049115&prod_id=100213&pli=00e53d0515cdc8f84efc3f02d2e608b981&ci=00ffa16621c9bbc5e580449a188ab8f21a&si=$section_id$&pi=$publisher_id$&pn=$publisher_name$&cn=julioprostatecharly-mg-desk_d_19&sn=$section_name$&obOrigUrl=true
Title: If You Have An Enlarged Prostate Do This Immediately (Genius) Sponsored | www.your-health-today.com

Search URL Search Domain Scan URL

URL: https://www.your-health-today.com/backpain?ob_click_id=$ob_click_id$&ac=Coquinas&ps=backpain_mg&prod_id=102&pli=0077ce47649cd5114f0dd09f609b62046e&ci=0090d8480230185780020b81cd23813359&si=$section_id$&pi=$publisher_id$&pn=$publisher_name$&cn=bp-pm-1mayo-c-5-c-4_c_8&sn=$section_name$&obOrigUrl=true
Title: Chiropractors Baffled: "30 Second" Stretch Relieves Years Of Back Pain (Watch) Sponsored | www.your-health-today.com

Search URL Search Domain Scan URL

URL: https://www.harpersbazaar.com.sg/exclusives/extraordinary-women-singapore/?utm_medium=dc-social-sponsored&utm_campaign=apx27742&obOrigUrl=true
Title: BAZAAR’S League Of Extraordinary Women In Singapore Sponsored | Harper's Bazaar Singapore

Search URL Search Domain Scan URL

URL: https://content.microfocus.com/inspire-20-podcast-series-tb/inspire-20-podcast-j-1?lx=jqkCtc&utm_content=richiob&obOrigUrl=true
Title: Inclusion, diversity and race: Making a difference Listen NowIt's important for business leaders to ensure that there are more diverse voices in the room, not fewer. Sponsored | TechBeacon

Search URL Search Domain Scan URL

URL: https://opentech.page/view/MxLsCWmDCWby0o9YNsULp5JoKhSalSEuS7dV6LGsgAu287rsrw?c=35383&pid=328&site=ALLww2708_$publisher_name$_$section_name$_001566fec3dd9c32f71fe90067e6a17fd6&tid=$ob_click_id$&ob_marketer=Photostick_Sales&ob_publisher_id=$publisher_id$&ob_section_id=$section_id$&ob_ad_id=001566fec3dd9c32f71fe90067e6a17fd6&ob_timestamp=$time_stamp$&ob_platform=WAP&ob_campaign_id=0060b3778d5fbd49e0634c37f512dc2ad8&force302=1&adid=The+cost+of+real+estate+in+New+York+might+surprise+you&cat=$section_name$&pub=$publisher_name$&compkey=The+cost+of+real+estate+in+New+York+might+surprise+you&force302=1&mavcid=MANAGERCAMPAIGNID&ob_marketer_id=0030eff4186dccfb870e3d6d6c0d77278c&obOrigUrl=true
Title: The cost of real estate in New York might surprise you Sponsored | Real Estate NYC | Sponsored Listing

Search URL Search Domain Scan URL

URL: https://trendingstock.today/news/celebrity-endorsement-deals-with-insane-payouts/?utm_source=ts-oum&utm_medium=$publisher_name$&utm_term=$section_name$&utm_campaign=ts-oum-ww1-d-endorsement-430&utm_content=Biggest+Celebrity+Endorsement+Deals&obOrigUrl=true
Title: Biggest Celebrity Endorsement Deals Sponsored | Trendingstock.today

Search URL Search Domain Scan URL

URL: https://afly.in/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://afly.in/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://afly.in/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/afly.in

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://c.mgid.com/c?pv=2&v=0|0|0|rTQQf7XoBUiMsHnBUdx8FBcO95-bwuPikvZ-eW677rMmYXIBuwc9zeH8ev6TOdGi&cid=949756&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3416274zb6445621bcCZcp2ph2020091004h&psid=3416274&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzM4Mzk0MTcvMzI4eDMyOC8xNDJ4ODl4Njg4eDQ1OC9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGN2TVRBeE9USTBMMlExTmpreE1XVmhOamxpWXpSaE9HVmtaRFJrT0RnMVpXUTJaVFk1WVRobUxuQnVadyoqLndlYnA= HTTP 301
https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp

Request Chain 64

https://c.mgid.com/c?pv=2&v=0|0|0|rTQQf7XoBUiMsHnBUdx8FBcO95-bwuPikvZ-eW677rMmYXIBuwc9zeH8ev6TOdGi&cid=949756&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3416274zb6445621bcCZcp2ph2020091004h&psid=3416274&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzM4Mzk0MTcvMzI4eDMyOC8xNDJ4ODl4Njg4eDQ1OC9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGN2TVRBeE9USTBMMlExTmpreE1XVmhOamxpWXpSaE9HVmtaRFJrT0RnMVpXUTJaVFk1WVRobUxuQnVadyoqLndlYnA= HTTP 301
https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp

Request Chain 67

https://c.mgid.com/c?pv=2&v=0|0|0|NRT7mgar_z29Jg9LcQip-W9F18GHtJAJ7GTwO3P2VdX7QoEdfO4VYHOQVY5y0OuN&cid=218581&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3416274zb5295256bcCZcp2ph2020091004h&psid=1_3416274&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzM5MDEyMzgvMzI4eDMyOC8weDUxOHg3MTN4NDc1L2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TVRrdE1EY3ZNVEF4T1RJMEx6RTVZakZpTWpsa1pqWTVaVEJrTlRneVpUUTRPREF5T1RNMU1qWTNaRFZrTG1wd1pXYyoud2VicA== HTTP 301
https://s-img.mgid.com/g/3901238/328x328/0x518x713x475/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5YjFiMjlkZjY5ZTBkNTgyZTQ4ODAyOTM1MjY3ZDVkLmpwZWc%2A.webp

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 6oS4 Show response
afly.pro/ 35 KB
12 KB 414ms
390ms Document
text/html 2606:4700:3036::6818:70c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://afly.pro/6oS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:70c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70f1d93069ac8fd30510c03030bbfc63107eada04f5d3cec9c30ea4c10ed76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: afly.pro
:scheme: https
:path: /6oS4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 10 Sep 2020 09:49:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5bae5140bbb6436dee5b04504790bf9b1599731397; expires=Sat, 10-Oct-20 09:49:57 GMT; path=/; domain=.afly.pro; HttpOnly; SameSite=Lax; Secure AppSession=839a35699f4d97178201323c132a5fb2; path=/; HttpOnly csrfToken=a7cddde5b1582a1800ae68690d68f08e86c9c723078b02787d23946e5892d2854e0df571c083741c80143a3767b85b533db2287c232ec35ec0553d5934eb10b3; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 0519050a790000175aeca16200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d083df0cb29175a-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 3 KB
590 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: afly.pro
URL: https://afly.pro/6oS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 08:58:19 GMT
server: ESF
date: Thu, 10 Sep 2020 09:49:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Sep 2020 09:49:57 GMT

GET
H2 200 styles.min.css
afly.pro/cloud_theme/build/css/ 164 KB
25 KB 21ms
18ms Stylesheet
text/css 2606:4700:3036::6818:70c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://afly.pro/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: afly.pro
URL: https://afly.pro/6oS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:70c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f793c5ef218436bab06ea936132f7e566c8a3b535e8a91cd8ebbe94194eae42d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2784
status: 200
cf-request-id: 0519050c0d0000175aeca25200000001
last-modified: Sat, 15 Aug 2020 12:07:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 5d083df3482b175a-FRA
expires: Sat, 10 Oct 2020 09:03:33 GMT

GET
H/1.1 200
OK 3416274 Show response
inpagepush.com/400/ 65 KB
24 KB 201ms
68ms Script
application/javascript 139.45.197.194
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3416274

Requested by

Host: afly.pro
URL: https://afly.pro/6oS4

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.194 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

6b19f5d0269b6e12da9298bafdfca6f0badaa53c27f45f637c28cb81a91c5fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: ab66c7bbe6e1447079ad9ac76c4d2e97
Pragma: no-cache
Date: Thu, 10 Sep 2020 09:49:57 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 23349 Show response
eyefuneve.com/tizwOxBFisjQ1BEQ/ 0
1 KB 137ms
37ms Script
text/html 217.182.11.204
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eyefuneve.com/tizwOxBFisjQ1BEQ/23349

Requested by

Host: afly.pro
URL: https://afly.pro/6oS4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

217.182.11.204 , France, ASN16276 (OVH, FR),

Reverse DNS

ip204.ip-217-182-11.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 09:49:57 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 200
OK 23290 Show response
thetarhaw.com/tjo9GUZYInvd1Hz8/ 0
1 KB 138ms
34ms Script
text/html 51.68.161.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://thetarhaw.com/tjo9GUZYInvd1Hz8/23290

Requested by

Host: afly.pro
URL: https://afly.pro/6oS4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

51.68.161.27 , France, ASN16276 (OVH, FR),

Reverse DNS

ip27.ip-51-68-161.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 09:49:57 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H2 200 ads.js Show response
afly.pro/js/ 190 B
322 B 17ms
14ms Script
application/javascript 2606:4700:3036::6818:70c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://afly.pro/js/ads.js

Requested by

Host: afly.pro
URL: https://afly.pro/6oS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:70c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2902
cf-polished: origSize=191
status: 200
cf-bgj: minify
cf-request-id: 0519050c0d0000175aeca26200000001
last-modified: Wed, 08 Apr 2020 13:21:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 5d083df3482c175a-FRA
expires: Sat, 10 Oct 2020 09:01:35 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 29ms
8ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: afly.pro
URL: https://afly.pro/6oS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 01 Sep 2020 23:28:18 GMT
server: cloudflare
etag: W/"5f4ed912-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5d083df36e2f2c56-FRA
cf-request-id: 0519050c2000002c56213de200000001
expires: Sat, 12 Sep 2020 09:49:57 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 804 B
947 B 42ms
15ms Script
text/javascript 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13b674bf58b545f8d166d7ed7b12de71ff9a176b230341429b14653c56ae3f39

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 490
x-xss-protection: 1; mode=block
expires: Thu, 10 Sep 2020 09:49:57 GMT

GET
H2 200 script.min.js Show response
afly.pro/cloud_theme/build/js/ 202 KB
57 KB 25ms
23ms Script
application/javascript 2606:4700:3036::6818:70c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://afly.pro/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:70c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212
status: 200
cf-request-id: 0519050ca00000175aeca2c200000001
last-modified: Wed, 08 Apr 2020 13:21:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-ray: 5d083df439d9175a-FRA
expires: Sat, 10 Oct 2020 09:46:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 158ms
77ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

ceed67f36f66645ad65172727e84d75989a73a99992c2b51294c5932869d9e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "628 / 588 of 1000 / last-modified: 1599730851"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18728
x-xss-protection: 0
expires: Thu, 10 Sep 2020 09:49:57 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 144 KB
48 KB 145ms
47ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 544e5c366fc01594b232f194eca2b32a400d7489c194abe786b0a4494c26f7e5

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 10:49:46 GMT
status: 200
etag: W/"23efb-cJsF9CvpWvVM7O2OXdgANMhpYBY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 49116
expires: Thu, 10 Sep 2020 13:49:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 56ms
30ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144229328-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcd5322abc25e1edeb70b1dc8c173a58fed868fab9be77518424ff62387893d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:57 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35646
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Sep 2020 09:49:57 GMT

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 110 KB
22 KB 503ms
242ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: f643ad5a4b502422772ca90a72c3500ed760600fb2ae8a17e611c92ec85a6f9a

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 09:49:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 21:28:58 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"1b687-17474c58fd7"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ 336 KB
132 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 15:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 04:06:55 GMT
server: sffe
age: 151477
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134800
x-xss-protection: 0
expires: Wed, 08 Sep 2021 15:45:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144229328-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 2058
date: Thu, 10 Sep 2020 09:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Thu, 10 Sep 2020 11:15:40 GMT

GET
H2 200 pubads_impl_2020090201.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 78ms
77ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Sep 2020 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94147
x-xss-protection: 0
expires: Thu, 10 Sep 2020 09:49:58 GMT

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame B6B5 0
0 54ms
50ms Document
text/html 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afly.pro/6oS4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://afly.pro/6oS4

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1599654083.685639"
last-modified: Wed, 09 Sep 2020 10:48:57 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Thu, 10 Sep 2020 09:49:58 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1599731398~rv=67~id=1b897bdbd4bc3d15120bf678e9d76a8f; path=/; Expires=Thu, 10 Sep 2020 09:49:58 GMT; Secure; SameSite=None

GET
H/1.1 200
OK YWZseS5wcm8= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
419 B 124ms
40ms XHR
application/json 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/YWZseS5wcm8=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 09:49:58 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=39063
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 16
Expires: Thu, 10 Sep 2020 20:41:01 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
390 B 50ms
13ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1023673425&t=pageview&_s=1&dl=https%3A%2F%2Fafly.pro%2F6oS4&ul=en-us&de=UTF-8&dt=AFLY%20INDIA%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=454515535&gjid=1529379066&cid=409534654.1599731398&tid=UA-144229328-1&_gid=227175448.1599731398&_r=1&gtm=2ou920&z=2069400807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 09:49:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://afly.pro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame EEEB 0
0 50ms
28ms Document
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hZmx5LnBybzo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=normal&cb=bsojt84de7ag

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s/qHT5D6e5x+fR/qXn1X4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hZmx5LnBybzo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=normal&cb=bsojt84de7ag
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afly.pro/6oS4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://afly.pro/6oS4

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Sep 2020 09:49:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-s/qHT5D6e5x+fR/qXn1X4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11034
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 1 KB
1 KB 394ms
133ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fafly.pro%2F6oS4
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 46cdfa6413f7a235683d717705cace3b106cbc8ad8c0922a393710d32aa94106

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 09:49:58 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"536-gMZht0KF8+pIABPRGxra///p3+A"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://afly.pro
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
766 B 185ms
45ms XHR
application/json 139.45.197.193
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3416274

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.193 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

704002a37ec56c094dd705e081af862bf8c4a0d14fc1e7fa442e6d0a11cda4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 09:49:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://afly.pro
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 658ms
259ms XHR
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1599731398381&sessionId=4bf27033-b811-8f42-6373-f1a9a56c9ed2&url=afly.pro&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Sep 2020 09:49:58 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8e5a4471150122387cd69d0b31f24a51
Content-Length: 4
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.cz/adsid/ 109 B
890 B 63ms
36ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.cz/adsid/integrator.js?domain=afly.pro

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=afly.pro

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
939 B 102ms
101ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2239644000172357&correlator=484484066140447&output=ldjh&impl=fif&eid=21066928%2C21067200%2C21066705%2C21066806&vrg=2020090201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200910&iu_parts=112081842%2Cafly.pro_320x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&eri=4&cookie_enabled=1&cdm=afly.pro&bc=31&abxe=1&dt=1599731398421&dlt=1599731397634&idt=756&frm=20&biw=1600&bih=1200&oid=3&adxs=640&adys=331&adks=1337347729&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fafly.pro%2F&loc=https%3A%2F%2Fafly.pro%2F6oS4&dssz=25&icsg=176687804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x5350&msz=1170x100&ga_vid=409534654.1599731398&ga_sid=1599731398&ga_hid=1023673425&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

5413705f837ca36f9820d29515214c677c3f531370eefdd576d114971a921d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://afly.pro
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
181f5d08ee63f2a1d34615851e2cc18c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 106ms
38ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://181f5d08ee63f2a1d34615851e2cc18c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 63ms
6ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
264 B 129ms
128ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2239644000172357&correlator=484484066140447&output=ldjh&impl=fif&eid=21066928%2C21067200%2C21066705%2C21066806&vrg=2020090201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200910&iu_parts=112081842%2Cafly.pro_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=4&cookie_enabled=1&cdm=afly.pro&bc=31&abxe=1&dt=1599731398436&dlt=1599731397634&idt=756&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=3928&adks=2023233574&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fafly.pro%2F&loc=https%3A%2F%2Fafly.pro%2F6oS4&dssz=25&icsg=176687804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x5350&msz=1170x600&ga_vid=409534654.1599731398&ga_sid=1599731398&ga_hid=1023673425&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f896e57f0ba54c2aaffcbf3aad453d688d363dcc4fd5db0b12371b10bf39a9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://afly.pro
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
267 B 185ms
185ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2239644000172357&correlator=484484066140447&output=ldjh&impl=fif&eid=21066928%2C21067200%2C21066705%2C21066806&vrg=2020090201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200910&iu_parts=112081842%2Cafly.pro_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=4&cookie_enabled=1&cdm=afly.pro&bc=31&abxe=1&dt=1599731398472&dlt=1599731397634&idt=756&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=5284&adks=755120544&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fafly.pro%2F&loc=https%3A%2F%2Fafly.pro%2F6oS4&dssz=25&icsg=176687804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x1038&msz=1200x250&ga_vid=409534654.1599731398&ga_sid=1599731398&ga_hid=1023673425&fws=0&ohw=0&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

2eda6aab7c8564177b963a2e5da933d9595a98bcf013c35c7025a19edef261ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://afly.pro
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
271 B 203ms
202ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2239644000172357&correlator=484484066140447&output=ldjh&impl=fif&eid=21066928%2C21067200%2C21066705%2C21066806&vrg=2020090201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200910&iu_parts=112081842%2Cafly.pro_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&eri=4&cookie_enabled=1&cdm=afly.pro&bc=31&abxe=1&dt=1599731398476&dlt=1599731397634&idt=756&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=5606&adks=4030344761&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fafly.pro%2F&loc=https%3A%2F%2Fafly.pro%2F6oS4&dssz=25&icsg=176687804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x6059&msz=1170x280&ga_vid=409534654.1599731398&ga_sid=1599731398&ga_hid=1023673425&fws=0&ohw=0&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

3df3edd88674c495ddf955a33a9b34810b0f854540fa828df9ef746966098854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://afly.pro
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 61ms
41ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020090201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c623ef28b70438587e9f754163adaf951abd679b87e2307c9326a53556acf382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6416
x-xss-protection: 0

GET
H/1.1 200
OK 3416274 Show response
inpagepush.com/500/ 2 KB
2 KB 163ms
163ms XHR
application/javascript 139.45.197.194
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3416274?excludes=&oaid=781e488a5ec34f7ab22b8632c9d9c700&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fafly.pro%2F6oS4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3416274

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.194 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

b9d3cf6b240a536c0515eeacbbaa7b6cca9e09a32ba5a299e1e79d9bbd949135

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 10 Sep 2020 09:49:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: cc2b443a37ce9bd7f72ec345b19b775f
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://afly.pro
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3416274
inpagepush.com/500/ Frame 0
0 171ms
43ms Other 139.45.197.194
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.197.194 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://afly.pro
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 10 Sep 2020 09:49:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://afly.pro
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 get Show response
odb.outbrain.com/utils/ 37 KB
14 KB 360ms
287ms Script
text/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=undefined&idx=0&rand=85370&key=NANOWDGT01&widgetJSId=GS_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&px=215&py=877&vpd=0&settings=true&recs=true&version=200078&sig=SZ21moZK&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 601c7277f95d152823308cb46804f10b73dde86697107563945a53d5b98669e7

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: gzip
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-cache-hits: 0, 0
x-traceid: 2b83d0c89cff613f167ea17f4112b4dd
content-length: 13471
x-served-by: cache-lga21926-LGA, cache-hhn4080-HHN
pragma: no-cache
x-timer: S1599731399.695039,VS0,VE252
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.117.26
accept-ranges: bytes, bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 8B68 0
0 20ms
19ms Document
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&cb=xpuunebq184x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gv6rUv2WQTW+ohmDrsbfzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&cb=xpuunebq184x
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afly.pro/6oS4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://afly.pro/6oS4

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Sep 2020 09:49:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-Gv6rUv2WQTW+ohmDrsbfzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1174
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 10 Sep 2020 09:49:58 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 8DA3 0
0 7ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afly.pro/6oS4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://afly.pro/6oS4

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 10 Sep 2020 09:28:16 GMT
expires: Fri, 10 Sep 2021 09:28:16 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 42ms
41ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020090201&jk=2239644000172357&bg=!0NOl08tY4haeJ15jmywCAAAAXlIAAAAPCgH0M20tTM3uhgkRYm31A20ZziOeGKn88cKNjqIjs-9oo-db34kM19W_hYyUdcGc8bY4Ac1z5SaMlyaVPWOA2enrXfnuEen4gqe3r8hi4IKbBcQeR9sfjflHG1XROgMdoPXyP1GMFV5y4wjbhedKXNifU1nxg3v1QGEw-E3a3MXF7B2ppInmL1OpEbkj1oS3IVAujiqG_ootCP5gNhsdbv6oE5awuVMsFC2Roo_87R80PjK470XUy5XDhG8F0YH43jqOi7Bl3hseuYLeIrGSp3LywPbvVsrezjFB7PLAdC95hTMFnGhsybAN7EPAZNd4sY-x7OogALoxgXY7s5NSbS0GRVolOtA16UC-4PeaWTtQzdtwdgQNwtrgyEiYhxQlZi4g0ClgjHyEUfA7yK8ImGnY_BlaCrbhsNmm6AEcsytr5D_nyrL8PPMu5w-Y8GkV_uXJtEXyFeBdV0tPMDaBECswLfCwXeGyEdEIlxTh9FeDMdN9K_BMwwbyTZwDDHE_ecrpJLDtb4V0QcgmbZVShzJLF_pB0g4f8KrOmNY6VAfRTArRZ9Fw2twjL5WZbTXTlZ3dpZti5YlTiJSaFWZrC3LKifR38D6kfJ0isCQve5JH0nbIbgs-dIecXfBNzQz172stT9XzHuI78-7WOK_5zEUbtg1DlbqZAaEZa_G8MPcSysqH9XLjTtjp_MGq2-OKyuUNAb_6M_bSapsP1pK2FFdS2Gwkac1eGUF7-OX5X6vmyZIRU-So4agEg5aF6Df52bqysH5zH8zuq8ISt7xKl1jujbJDaInDuWQs9IMWsKmt1aQGRgK-D37FsrJn563K4KRjzHjBJstl23GB2eW098ZvqV_rAgJpVM4lUVplbHwpH0eD9jjBFLGAFJytw8H2j4FQIIme18XEFaJ2sQAgjM9GYzWeeRVoA2WjtpQcgC14sK42U0pA7eVLzca-pUgXWiUD4XUYEXc7xAjHOj7olUq4gHYREhDU14n2OQU9WZSqQA9WnCxxqw_pi2Kw2_y2C733oXY0b3-M_qsvE-oDD8dpO2Gy2dDQhtKAPxv2J3VkJ39KJSkE3SI5QOBiikrXoxiSbIhm07q6jiXHpqGXyQ1V2DtxBORupyzY5LTChHXQLubKTanxAFOSbhBoMDaQrbuMeZfuWv7CPg3OI6PEl9e19qXrkUHEzXxppWDjNII1eswAAFwh5ZpD6EODTKR232Itlb_p5-woh1Y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 09:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp
s-img.steepto.com/g/3839417/328x328/142x89x688x458/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|rTQQf7XoBUiMsHnBUdx8FBcO95-bwuPikvZ-eW677rMmYXIBuwc9zeH8ev6TOdGi&cid=949756&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3416274zb6445621bcCZcp2ph20200...
https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp

7 KB
7 KB

149ms
53ms

Image
image/webp

104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462e3f8bc63a6a05b89233b7a6c0683d18fdfa09bb1bfb6837510ee81af9f6f4

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
cf-cache-status: HIT
x-mg-request-uuid: 0c6c6d5d-761f-41b3-97b4-723ebb4ccf27
age: 5228518
status: 200
content-length: 6932
cf-request-id: 051905127a00001ecec60a9200000001
last-modified: Sat, 11 Jul 2020 16:13:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5d083dfd99891ece-AMS
expires: Fri, 10 Sep 2021 09:49:59 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Sep 2020 09:49:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4eca0fa6-465d-4467-8e17-46f8b615fb14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d083dfc1d48fa88-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05190511920000fa882b987200000001
server: cloudflare

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 58ms
57ms Image
image/svg+xml 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: afly.pro
URL: https://afly.pro/6oS4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Wed, 09 Sep 2020 10:48:57 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1599653940.63007"
status: 200
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 2735
expires: Sat, 10 Oct 2020 09:49:59 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
270 B 499ms
124ms XHR
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=d0084f54a4ab695b6c2c902f04226f36_45020_1599731398898&tm=735&eT=0&widgetWidth=1170&widgetHeight=826&widgetX=215&widgetY=877&tpcs=0&wRV=200078&pVis=1&lsd=0b29142e-2d42-420b-a911-173f1b2fe607&eIdx=&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 10 Sep 2020 09:49:59 GMT
content-encoding: gzip
Connection: close
X-TraceId: a9503d82de02197fe7b88f9cb1c092fc
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/200078/module/ 45 KB
15 KB 48ms
48ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/200078/module/streamFeed.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e35cd7d32f0545004e0839f0af571d3daf37041c711a4c1c20a6fe58e99b5a97

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 10:48:57 GMT
server: AkamaiNetStorage
status: 200
etag: "f4ad5d20751b2cf99fe90b5d025178d7:1599653998.761169"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 14800

GET
H2 200 brand-covid.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
13 KB 52ms
49ms Image
image/svg+xml 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/brand-covid.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8c56e3bc05df39bb6c53246ed5541ecb0f7f5b80231729b7d00ef81cf504f192

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Mon, 07 Sep 2020 11:33:51 GMT
server: AkamaiNetStorage
etag: "dd9a1f18a51c9d4593a27e69f000f57f:1599478893.83103"
status: 200
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 12868
expires: Sat, 10 Oct 2020 09:49:59 GMT

GET
H2 200 eyJpdSI6ImJmZGNmNDZhMThiMjJjNjcyMTFiY2FkNTNhMmMyOTQxNTdlZmJkNDI0ZTAxMTJhM2ZkNmM3ZWRlMWUzZDAxOGMiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 38 KB
38 KB 121ms
39ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJmZGNmNDZhMThiMjJjNjcyMTFiY2FkNTNhMmMyOTQxNTdlZmJkNDI0ZTAxMTJhM2ZkNmM3ZWRlMWUzZDAxOGMiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ded4ffec8639ed854cb54bc442ee652361a42af6cc93a95dc6712825ca4dca19

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Mon, 31 Aug 2020 14:56:54 GMT
content-type: image/webp
status: 200
cache-control: max-age=1619399
x-traceid: 5dab7454f4fa7b07481cfd8a03682359
timing-allow-origin: *
content-length: 38686

GET
H2 200 eyJpdSI6IjY2OGMzYmQ0ZGU5YzJiZmFmNWNlMTU1MGViZTUxY2U5MTU5OWJkMDY1ZGIzZGQxOTYwMWVkZTk2MDhiZTMxMGQiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 55 KB
55 KB 151ms
68ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY2OGMzYmQ0ZGU5YzJiZmFmNWNlMTU1MGViZTUxY2U5MTU5OWJkMDY1ZGIzZGQxOTYwMWVkZTk2MDhiZTMxMGQiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-145-205.deploy.static.akamaitechnologies.com

Software

Resource Hash

1ac520cbdae3263911b3ea19dfa75b14252778b5bc16053ee44fb3533658d7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 10:38:55 GMT
date: Thu, 10 Sep 2020 09:49:59 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=311672
x-traceid: 2f4c0d8b8b065a9eb4569ee2018fb517
timing-allow-origin: *
content-length: 56383

GET
H2 200 eyJpdSI6IjZkNzM4Njg4NDNkMzczZTA4ZmVlNzMwN2IxYmExNTJlN2E0ZTAyZDdjYWVjNGY2ZGEwMzg1YmQ4ZjQ0YWJiMmUiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 57 KB
58 KB 173ms
91ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZkNzM4Njg4NDNkMzczZTA4ZmVlNzMwN2IxYmExNTJlN2E0ZTAyZDdjYWVjNGY2ZGEwMzg1YmQ4ZjQ0YWJiMmUiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8cff4187c77b74f709172ab908382a6da1699153770068a5bdf8c55ba6723923

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 12:44:20 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=978466
x-traceid: 5305d804fa5ef2e2a9472564a2da3be4
timing-allow-origin: *
content-length: 58595

GET
H2 200 eyJpdSI6ImVlMDQ2ODYyZGVkZGM5ZmE0MzQ3M2RlOWE2Y2I3ZDk5OGJhZDBlMGM3MjBhMzkwM2QxZTljMWFlM2YwNzk0MzgiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 34 KB
34 KB 185ms
103ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVlMDQ2ODYyZGVkZGM5ZmE0MzQ3M2RlOWE2Y2I3ZDk5OGJhZDBlMGM3MjBhMzkwM2QxZTljMWFlM2YwNzk0MzgiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-145-205.deploy.static.akamaitechnologies.com

Software

Resource Hash

855b366a87a582dfbf26930cf023df4e860b565f4bd96100f2d83e4c5ac8204b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Mon, 15 Jun 2020 10:51:17 GMT
date: Thu, 10 Sep 2020 09:49:59 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=444571
x-traceid: a1f65d4f98d0d2d72552cda880ea9c3c
timing-allow-origin: *
content-length: 34412

GET
H2 200 eyJpdSI6IjM4YjBkZjZhZjRmOWRkNGRmOTA3OGZiODMzNGNmMWE4ZTYyMTFiMjhkYzY4MzMwZmRmZTNjY2I3YTRmYWU0OGMiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 14 KB
14 KB 190ms
108ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM4YjBkZjZhZjRmOWRkNGRmOTA3OGZiODMzNGNmMWE4ZTYyMTFiMjhkYzY4MzMwZmRmZTNjY2I3YTRmYWU0OGMiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 630a193f210946c1a7601889a3851b0493fb8a5d11672c537560242aad7a15a3

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Wed, 09 Sep 2020 21:16:53 GMT
content-type: image/webp
status: 200
cache-control: max-age=2443140
x-traceid: c0f2a3eb05d1f09c3a4b8aa32b6a4a5c
timing-allow-origin: *
content-length: 14200

GET
H2 200 eyJpdSI6IjRmYzI2NDk5ZjhlZGQzNjVhYmU2MzIwOGVmYzVkMGZkY2E1YTI0NjYxMTc2Y2JlZjcyZjQ1ZmM3ZmM3MjZkOTEiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
19 KB 192ms
110ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRmYzI2NDk5ZjhlZGQzNjVhYmU2MzIwOGVmYzVkMGZkY2E1YTI0NjYxMTc2Y2JlZjcyZjQ1ZmM3ZmM3MjZkOTEiLCJ3Ijo0ODAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: af7e7fed51326cfc6930aa11d339dfacb8e4a35f729fd58fecfaaa58c01c04be

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Tue, 01 Sep 2020 13:26:52 GMT
content-type: image/webp
status: 200
cache-control: max-age=1792676
x-traceid: ba4f757466c2de2a9ff6c11a8eb55cae
timing-allow-origin: *
content-length: 19292

GET
H2 200 obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 2D85 0
0 53ms
52ms Document
text/html 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afly.pro/6oS4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=0b29142e-2d42-420b-a911-173f1b2fe607; recs_b64b549e341ae2f7db12f5e25050ba0f=0B2114896441A2683137603A2713511014A2275839614A3004440329A3026187161ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://afly.pro/6oS4

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "89fdecd74225ad6613f814657a128f54:1597838503.118353"
last-modified: Wed, 19 Aug 2020 12:00:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Fri, 11 Sep 2020 09:49:59 GMT
date: Thu, 10 Sep 2020 09:49:59 GMT
content-length: 4407
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1599731399~rv=77~id=d99cb0a0804f3d9e72eebd9d1a173c4d; path=/; Expires=Thu, 10 Sep 2020 09:49:59 GMT; Secure; SameSite=None

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 139ms
121ms XHR
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d0084f54a4ab695b6c2c902f04226f36&pvId=d0084f54a4ab695b6c2c902f04226f36&sid=7498411&pid=45020&idx=0&wId=1154&pad=6&org=0&tm=772&eT=3&wRV=200078&pVis=1&lsd=0b29142e-2d42-420b-a911-173f1b2fe607&eIdx=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Sep 2020 09:49:59 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: c56eaac618c93c675e91163eba67d6fa
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 39 KB
11 KB 324ms
322ms Script
application/json 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=undefined&settings=true&recs=true&widgetJSId=GS_1&key=NANOWDGT01&version=200078&apv=true&sig=SZ21moZK&format=html&rand=13315&lsd=0b29142e-2d42-420b-a911-173f1b2fe607&lsdt=1599731398980&pdobuid=0&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZDAwODRmNTRhNGFiNjk1YjZjMmM5MDJmMDQyMjZmMzY=&winW=1600&winH=1200&adblck=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&pcer=p%3DK3Z9NJ8V5BDmG4iBUTHJEuIGqWpXPR6nmJnTTAXh6t8%26c%3D2c9ec8ab%26v%3D3&dpr=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/200078/module/streamFeed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60cd751d33fbe6f2f12cb5e9e5331e9ca787f04e0db7551d17b01863330a0c41

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
content-encoding: gzip
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-cache-hits: 0, 0
x-traceid: 5afcb5cc80c4ffa18ab1283e44a63a63
content-length: 10612
x-served-by: cache-lga21962-LGA, cache-hhn4080-HHN
pragma: no-cache
x-timer: S1599731399.089757,VS0,VE288
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.117.62
accept-ranges: bytes, bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
270 B 1571ms
184ms XHR
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c9934e328c5e4ed82f319483c73e7be4_45020_1599731399183&tm=1160&eT=0&widgetWidth=1170&widgetHeight=469&widgetX=215&widgetY=1718&wRV=200078&pVis=0&lsd=0b29142e-2d42-420b-a911-173f1b2fe607&eIdx=&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 10 Sep 2020 09:50:00 GMT
content-encoding: gzip
Connection: close
X-TraceId: e5e14243bbefdc2f353992a29917bde9
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
270 B 1505ms
121ms XHR
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=3c4970dfa98d5e9e861f9063b89f4fc4_45020_1599731399290&tm=1167&eT=0&widgetWidth=1170&widgetHeight=484&widgetX=215&widgetY=2202&wRV=200078&pVis=1&lsd=0b29142e-2d42-420b-a911-173f1b2fe607&eIdx=&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 10 Sep 2020 09:50:00 GMT
content-encoding: gzip
Connection: close
X-TraceId: a068495ee04f96ef74a78bf10e6a996a
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
270 B 1504ms
122ms XHR
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=5bda0e34f8e7692aaa0586312eb31e41_45020_1599731399324&tm=1169&eT=0&widgetWidth=1170&widgetHeight=469&widgetX=215&widgetY=2701&wRV=200078&pVis=0&lsd=0b29142e-2d42-420b-a911-173f1b2fe607&eIdx=&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 10 Sep 2020 09:50:00 GMT
content-encoding: gzip
Connection: close
X-TraceId: 72e32d55318fbdaf229795cff36e64be
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImU0MjVmNTJkZGJjMGU0NzI2ZmRkYjRmMjY4ZjJjODhhNjViNGJjNGFmZDE1Mzc0YTE4MThmODk0MGNlMGM0MmMiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 69ms
57ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU0MjVmNTJkZGJjMGU0NzI2ZmRkYjRmMjY4ZjJjODhhNjViNGJjNGFmZDE1Mzc0YTE4MThmODk0MGNlMGM0MmMiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c9b50ebaae689a9f573910592e284346ece3bf3fd6a1cca1995789c7cca0d40

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Thu, 10 Sep 2020 09:17:10 GMT
content-type: image/webp
status: 200
cache-control: max-age=2460775
x-traceid: dcff3a514386b156057745a4abcc130c
timing-allow-origin: *
content-length: 17932

GET
H2 200 eyJpdSI6IjI1M2NkNzZjNzkxNDdkNzkxMWI5MWJhZWMxN2NiZTk1YTRlM2NiM2Y5NzQ2NGEzOTc2N2VmNTJjMzA4YjkzZjIiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 3 KB
3 KB 60ms
50ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI1M2NkNzZjNzkxNDdkNzkxMWI5MWJhZWMxN2NiZTk1YTRlM2NiM2Y5NzQ2NGEzOTc2N2VmNTJjMzA4YjkzZjIiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59322203ad30675d8ad15b79f139690424bf1c60e2a14a4e7a90ca19a5f54b7a

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Thu, 10 Sep 2020 08:19:39 GMT
content-type: image/webp
status: 200
cache-control: max-age=2457646
x-traceid: f7ba385489e9ea3f4a7322d7530525ec
timing-allow-origin: *
content-length: 2726

GET
H2 200 eyJpdSI6ImUzZjZlN2E1YTg4Yzc4ZGMwYzVkMDFiMzIxMjU4NzU2NjMwM2NlYTQ1YzY3NzFlNDEwZWZmZjAwNDlmMGZmMDQiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 29 KB
30 KB 50ms
40ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUzZjZlN2E1YTg4Yzc4ZGMwYzVkMDFiMzIxMjU4NzU2NjMwM2NlYTQ1YzY3NzFlNDEwZWZmZjAwNDlmMGZmMDQiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 126c36d5122756d9fea18333b5211bf855e15473d5e884bd47898ea336fa5feb

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Thu, 27 Aug 2020 11:02:48 GMT
content-type: image/webp
status: 200
cache-control: max-age=1591638
x-traceid: adc4cc0a6adfcbd3759b1c53bf7c47a1
timing-allow-origin: *
content-length: 30038

GET
H2 200 eyJpdSI6Ijc3NzE5MzE0NTE5MGMyN2RlNjc1MDE4OTQxMzgwYjJkMDZlMzJiM2VmMmZhMTlkN2YzOTUxMDQ0YWZiNTNlMjkiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 10 KB
10 KB 52ms
42ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc3NzE5MzE0NTE5MGMyN2RlNjc1MDE4OTQxMzgwYjJkMDZlMzJiM2VmMmZhMTlkN2YzOTUxMDQ0YWZiNTNlMjkiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f2710a3c88c35d469f3c0e1f9b8cfb899d9d46bf5ea3e4de223c5f91475dc7d3

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Tue, 25 Aug 2020 09:33:28 GMT
content-type: image/webp
status: 200
cache-control: max-age=1439082
x-traceid: b4a569bd7a2fcf1e5213145ca503a095
timing-allow-origin: *
content-length: 10350

GET
H2 200 eyJpdSI6IjZiNDQxNjYxNDk2YjUzZWY5MjU1MDBkNjgwMGM4N2M0ODM1ZWI0YTIxZjQyZDFiYjk4ZWM0MzEyMDVkMDM2NGEiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 13 KB
14 KB 73ms
64ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZiNDQxNjYxNDk2YjUzZWY5MjU1MDBkNjgwMGM4N2M0ODM1ZWI0YTIxZjQyZDFiYjk4ZWM0MzEyMDVkMDM2NGEiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5a61a49689cd7f42f7a0b7ec022a5f85cc09cac5b59e9ad3a1235c06164aa69

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Thu, 10 Sep 2020 09:15:27 GMT
content-type: image/webp
status: 200
cache-control: max-age=2460761
x-traceid: 2db306f46a79b348a0d40cbcc492c525
timing-allow-origin: *
content-length: 13804

GET
H2 200 eyJpdSI6ImYyMmQxMTYwMmJhMWQ1YjczMmNjYThkOWJiNjNmMWZlMjQ4MWM0MjFjOGM1YTIyYWZlNzFkMDFjYjNiY2E2MGUiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 13 KB
13 KB 149ms
139ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYyMmQxMTYwMmJhMWQ1YjczMmNjYThkOWJiNjNmMWZlMjQ4MWM0MjFjOGM1YTIyYWZlNzFkMDFjYjNiY2E2MGUiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 874d1a7b54b49cd8402b27824eada0def5f22dbe0211034860c6fd5c30bb912b

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:49:59 GMT
last-modified: Thu, 10 Sep 2020 09:12:46 GMT
content-type: image/webp
status: 200
cache-control: max-age=2460728
x-traceid: 9e8b0b27bb4fffde5481441b34aaa0d4
timing-allow-origin: *
content-length: 13376

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
325 B 486ms
120ms Other
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 10 Sep 2020 09:50:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: df05d29b3477d27707f0f5f558e2506c
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK llHNkmh51rw28ZLY1iTfjQgSDOLbfumqKnB7RxiQfcwDmLu-_DI0jEcgjc30PzHfPoZDgeFvEnJAAYVPFj23cvzSHVNCW34i8IFhRzuYYGOM3ovi5-uWqfmJuvj3h0t3NRz-Aite2uU56XJr4unh8csuKJhZaoeEQEk6jAPqSyaE3pqut3r4P8CTevadFwABYAb-E...
onstunkyr.com/impression/ 43 B
482 B 160ms
40ms Image
image/gif 139.45.196.102
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/llHNkmh51rw28ZLY1iTfjQgSDOLbfumqKnB7RxiQfcwDmLu-_DI0jEcgjc30PzHfPoZDgeFvEnJAAYVPFj23cvzSHVNCW34i8IFhRzuYYGOM3ovi5-uWqfmJuvj3h0t3NRz-Aite2uU56XJr4unh8csuKJhZaoeEQEk6jAPqSyaE3pqut3r4P8CTevadFwABYAb-EFVeYtM6ouyOTkN4vRGGD2Ax-nFOaY1XdUiMBEtSTlOMQQBObv5Qc__DLz9fXXRmr1AU5xVgxAJA?z=3416274&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fafly.pro%2F6oS4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.102 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: cf01b26fd92e757bc6cbe1d886faa083
Pragma: no-cache
Date: Thu, 10 Sep 2020 09:50:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp
s-img.steepto.com/g/3839417/328x328/142x89x688x458/ Frame DE75
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|rTQQf7XoBUiMsHnBUdx8FBcO95-bwuPikvZ-eW677rMmYXIBuwc9zeH8ev6TOdGi&cid=949756&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3416274zb6445621bcCZcp2ph20200...
https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp

7 KB
7 KB

58ms
58ms

Image
image/webp

104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462e3f8bc63a6a05b89233b7a6c0683d18fdfa09bb1bfb6837510ee81af9f6f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:50:08 GMT
cf-cache-status: HIT
x-mg-request-uuid: 0c6c6d5d-761f-41b3-97b4-723ebb4ccf27
age: 5228527
status: 200
content-length: 6932
cf-request-id: 05190535e300001ecec6218200000001
last-modified: Sat, 11 Jul 2020 16:13:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5d083e3638bc1ece-AMS
expires: Fri, 10 Sep 2021 09:50:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Sep 2020 09:50:08 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c2a302e2-00a9-4e5e-96c3-88f7380562e4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/3839417/328x328/142x89x688x458/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q1NjkxMWVhNjliYzRhOGVkZDRkODg1ZWQ2ZTY5YThmLnBuZw%2A%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d083e355a92fa88-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05190535590000fa882bb93200000001
server: cloudflare

GET
H/1.1 200
OK 3416274 Show response
inpagepush.com/500/ 2 KB
2 KB 226ms
141ms XHR
application/javascript 139.45.197.194
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3416274?excludes=6445621&oaid=781e488a5ec34f7ab22b8632c9d9c700&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fafly.pro%2F6oS4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3416274

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.194 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

44b8fd8cba85700c9ebd9987df5ce1bcee49167f5c1d1cfb17c32d9392c91ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 10 Sep 2020 09:50:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 3ad1a45e62ead034c2562f73f4e3339f
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://afly.pro
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3416274
inpagepush.com/500/ Frame 0
0 127ms
43ms Other 139.45.197.194
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.197.194 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://afly.pro
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 10 Sep 2020 09:50:08 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://afly.pro
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5YjFiMjlkZjY5ZTBkNTgyZTQ4ODAyOTM1MjY3ZDVkLmpwZWc%2A.webp
s-img.mgid.com/g/3901238/328x328/0x518x713x475/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|NRT7mgar_z29Jg9LcQip-W9F18GHtJAJ7GTwO3P2VdX7QoEdfO4VYHOQVY5y0OuN&cid=218581&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3416274zb5295256bcCZcp2ph20200...
https://s-img.mgid.com/g/3901238/328x328/0x518x713x475/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5YjFiMjlkZjY5ZTBkNTgyZTQ4ODAyOTM1MjY3ZDVkLmpwZWc%2A.webp

9 KB
9 KB

54ms
52ms

Image
image/webp

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3901238/328x328/0x518x713x475/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5YjFiMjlkZjY5ZTBkNTgyZTQ4ODAyOTM1MjY3ZDVkLmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64986ec422fd3062fb4221c39e9d958292aa87f3609ad9eaf95de52c1f3c3010

Request headers

Referer: https://afly.pro/6oS4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:50:08 GMT
cf-cache-status: HIT
age: 12033020
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9436
cf-request-id: 05190537f20000fa882bbb7200000001
last-modified: Sat, 08 Feb 2020 14:47:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d083e398961fa88-AMS
cf-bgj: h2pri

Redirect headers

pragma: no-cache
date: Thu, 10 Sep 2020 09:50:08 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 22d087f7-7ad9-4a69-99fa-c887c9c8eaf5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/3901238/328x328/0x518x713x475/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5YjFiMjlkZjY5ZTBkNTgyZTQ4ODAyOTM1MjY3ZDVkLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d083e38a810fa88-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 051905376b0000fa882bbb0200000001
server: cloudflare

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
afly.pro/	1969-12-31 23:59:59	Name: csrfToken Value: a7cddde5b1582a1800ae68690d68f08e86c9c723078b02787d23946e5892d2854e0df571c083741c80143a3767b85b533db2287c232ec35ec0553d5934eb10b3
afly.pro/	1969-12-31 23:59:59	Name: AppSession Value: 839a35699f4d97178201323c132a5fb2
.afly.pro/	1970-01-19 13:05:23	Name: __cfduid Value: d5bae5140bbb6436dee5b04504790bf9b1599731397

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

181f5d08ee63f2a1d34615851e2cc18c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.cz
afly.pro
ajax.cloudflare.com
c.mgid.com
eyefuneve.com
fonts.googleapis.com
images.outbrainimg.com
inpagepush.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
my.rtmark.net
odb.outbrain.com
onstunkyr.com
pagead2.googlesyndication.com
powerad.ai
s-img.mgid.com
s-img.steepto.com
securepubads.g.doubleclick.net
tcheck.outbrainimg.com
thetarhaw.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
104.108.145.205
104.19.133.78
104.19.139.80
139.45.196.102
139.45.197.193
139.45.197.194
151.101.114.2
18.211.226.152
216.58.206.2
217.182.11.204
23.210.250.44
2606:4700:3036::6818:70c3
2606:4700::6810:a723
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:814::2004
2a00:1450:4001:815::2003
2a00:1450:4001:818::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
51.68.161.27
70.42.32.191
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
126c36d5122756d9fea18333b5211bf855e15473d5e884bd47898ea336fa5feb
13b674bf58b545f8d166d7ed7b12de71ff9a176b230341429b14653c56ae3f39
1ac520cbdae3263911b3ea19dfa75b14252778b5bc16053ee44fb3533658d7c6
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2eda6aab7c8564177b963a2e5da933d9595a98bcf013c35c7025a19edef261ad
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
3c9b50ebaae689a9f573910592e284346ece3bf3fd6a1cca1995789c7cca0d40
3df3edd88674c495ddf955a33a9b34810b0f854540fa828df9ef746966098854
44b8fd8cba85700c9ebd9987df5ce1bcee49167f5c1d1cfb17c32d9392c91ed7
462e3f8bc63a6a05b89233b7a6c0683d18fdfa09bb1bfb6837510ee81af9f6f4
46cdfa6413f7a235683d717705cace3b106cbc8ad8c0922a393710d32aa94106
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5413705f837ca36f9820d29515214c677c3f531370eefdd576d114971a921d22
544e5c366fc01594b232f194eca2b32a400d7489c194abe786b0a4494c26f7e5
59322203ad30675d8ad15b79f139690424bf1c60e2a14a4e7a90ca19a5f54b7a
601c7277f95d152823308cb46804f10b73dde86697107563945a53d5b98669e7
60cd751d33fbe6f2f12cb5e9e5331e9ca787f04e0db7551d17b01863330a0c41
630a193f210946c1a7601889a3851b0493fb8a5d11672c537560242aad7a15a3
64986ec422fd3062fb4221c39e9d958292aa87f3609ad9eaf95de52c1f3c3010
6b19f5d0269b6e12da9298bafdfca6f0badaa53c27f45f637c28cb81a91c5fbd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
704002a37ec56c094dd705e081af862bf8c4a0d14fc1e7fa442e6d0a11cda4eb
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151
855b366a87a582dfbf26930cf023df4e860b565f4bd96100f2d83e4c5ac8204b
874d1a7b54b49cd8402b27824eada0def5f22dbe0211034860c6fd5c30bb912b
8c56e3bc05df39bb6c53246ed5541ecb0f7f5b80231729b7d00ef81cf504f192
8cff4187c77b74f709172ab908382a6da1699153770068a5bdf8c55ba6723923
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
a5a61a49689cd7f42f7a0b7ec022a5f85cc09cac5b59e9ad3a1235c06164aa69
af7e7fed51326cfc6930aa11d339dfacb8e4a35f729fd58fecfaaa58c01c04be
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9d3cf6b240a536c0515eeacbbaa7b6cca9e09a32ba5a299e1e79d9bbd949135
c623ef28b70438587e9f754163adaf951abd679b87e2307c9326a53556acf382
ceed67f36f66645ad65172727e84d75989a73a99992c2b51294c5932869d9e6e
ded4ffec8639ed854cb54bc442ee652361a42af6cc93a95dc6712825ca4dca19
e35cd7d32f0545004e0839f0af571d3daf37041c711a4c1c20a6fe58e99b5a97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f1d93069ac8fd30510c03030bbfc63107eada04f5d3cec9c30ea4c10ed76a
f2710a3c88c35d469f3c0e1f9b8cfb899d9d46bf5ea3e4de223c5f91475dc7d3
f643ad5a4b502422772ca90a72c3500ed760600fb2ae8a17e611c92ec85a6f9a
f793c5ef218436bab06ea936132f7e566c8a3b535e8a91cd8ebbe94194eae42d
f896e57f0ba54c2aaffcbf3aad453d688d363dcc4fd5db0b12371b10bf39a9b5
fcd5322abc25e1edeb70b1dc8c173a58fed868fab9be77518424ff62387893d3

afly.pro Open in urlscan Pro 2606:4700:3036::6818:70c3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

48 %IPv6

21 Domains

30 Subdomains

25 IPs

5 Countries

903 kBTransfer

2013 kBSize

3 Cookies

15 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

afly.pro Open in urlscan Pro
2606:4700:3036::6818:70c3 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

48 %
IPv6

21
Domains

30
Subdomains

25
IPs

5
Countries

903 kB
Transfer

2013 kB
Size

3
Cookies

69 HTTP transactions
0 data transactions