www.m.langlaybank.com Open in urlscan Pro
51.91.178.106  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

• https://u-on.eu/c.php?u=95541&rjs=%3F**1600x1200&ljs=https%3A%2F%2Fwww.m.langlaybank.com%2F HTTP 302
• https://u-on.eu/c.php?u=95541&182be0c5cdcd5072bb1864cdee4d3d6e=1&r=&l=&rjs=?**1600x1200&l=https://www.m.langlaybank.com/

Request Chain 40

• https://ad.jetx.info/red2.php?rand=qR6957e738972a20c0addc6f37a36cd1e7&id=27 HTTP 302
• https://funnyfoto.xyz/submit.php?evadav=true

Request Chain 41

• https://ad.jetx.info/red2.php?rand=qR6957e738972a20c0addc6f37a36cd1e7&id=2 HTTP 302
• https://1337x1.site/submit.php

Request Chain 74

• https://ad.jetx.info/red2.php?id=17 HTTP 302
• https://1337x1.site/submit.php

Request Chain 81

• https://wideliv.com/b2/l/i/icon?eid=10592&n=ddfcc06d0daa881e89775e5f&nid=1&sid=UzdOOmEBgmMvHYL6TRhBLo9XVHgHPHgzBfDDv85XM55IurcCPSdT%2BoF2kqEqYvheH5sHuf7J%2B9UKvSKdl5jcSsFExU97wszb9nOONuVMPgbMw9uDOMdt5KHbJMDPy4iGFcOR16uINc6c%2BA%2BNTBbiOgidaLU%2FuAFYIW5bL4c6QExokoG3FzTNDSrcLPHCqTriBTUWfWkGMxCeY4pqbgq5qfrIb%2FDzq%2BN%2Bp1lTjvK7CtG0KAKCPhbIPF1tQUevgX5iYRp5rSYeYvQN8ZrWXXxvNZfJXeAa3%2BCTneVqgMoE1g7KgM6S46LGguuSOL8LN3DIheAU1N6ajxkO5NorJADbKpMAp4zLw1aLbNS2LpvygRkDh%2FLiQqOVYMhyBEdennpLOFea3Bt2pnGCmD9XjmkXDQHc%2B4fq7i%2BJpcxEIH53daDw%2FK0mmDmsg9e2T8YhODge9znga3DkXJmd4etDT8rDFv07UYIsa%2F0%2BmwGoZCjO%2FFoRcrwBn%2BNIjL9byDpn58gGR0DAt2bDiboQFclT65BaEjiyGEuHxxnYIITVKO6rUzQUVyBTyVE97Gs8FrKwVi%2BhO2ce%2FsGVcRTXoKyolKfbsTsWz41RgR3WnchfcQLRLe9l3RZrRirWkr5ZeKES7Qmx4Tm2CliX9hDFekBFA8K5dDY0W8FYXjz4CgHrvIiddzBYlmIqWZ9WYG64Vf56yGRsTPbVQhm4gGwUBHtKBGZ79iU0frYhQLsguevVtXADBbDrf2H1phK2QfcvAxpABeEgmmZ%2BsEE76pkP%2F46yD81jdxXMkCYwsboEFr9%2FQ9BrjvA1UdWs3QOMRtiohiLMnL5V0L%2BP%2BVzHEBngXuNzSf0p1MJcESsPhPDfXhU8lrXnSPtjaJwOiuOKfCjBoT%2Fqe%2Bp2KzuGKCtFtULI6HJ8sdpFHb5aq8B6hhZjGsSwVHw6R%2B2pNEvbthqiTMXPECJ9oAbrHBsdkrjzfHyfSuIt6wLF2pDtLoQ%2B4lIBuXZjbwz2lV%2BiEt%2BTjPRbLEaXHI5oz8BcLvzW4SJUG7MoWg74bp9NFy1mUSXJ4X%2BnJgbQZD4mg4WaCe9gED4mVf9dUPXS4ttoN1QrmhPptNw8aLy6M4kT%2FMb1MH2G40cxelJYGuFn2Op3GB6fa%2BKInjl6xeo23qddiUqkatVr8AL8deI1pI%2BIDOENYcnRfsUezIQiZCkgwnYLpWzmNeL30e0ial82qJeF7S6PYpaSPe9q%2BBKXVIXU8eK5FCgNZFeldkYRPcLbEzz3G%2FiCf39QwXgLxvChqEMQEovCC5XrIKJ1slA0%2B%2BP%2FiCX%2BqKH6QS%2FC1RezlmqSDF058GubsHs%2F9aW01X9cznhxmltnSZARYymBf7tyJRn71D4lYpwgsQDfv3Y7iOV3GV9T57oNpYLFYmnlAh0XkDWiXdxToCbKAEq3VFPkSHmVi5S05RM8GZCgk6mpl4wHggeRVIu91EKS6cprjXrcld990EM7hiRYD3PajQP4epvcO5vVW3%2FQq7kr3xqPvgiURz7cNGB915NWvcDM6287CY%2FGskNCP5G2MyrEU14zBz77gFmOS1050qPIEX9%2FrYuG2KPhjnB%2FLzdb%2F%2FyeA00LD%2FZi1iNLKtbV7xbuHGMOK7QRI0ai176%2B2ES7AgvEKJ%2BFBEn4wQ8VWO8SAbAo8v0Pn5S5YqSvTBhMMk5M9%2BKeutAWTEsRTT5O9c576nXlvWosXJKKelDesq9bTOi6XBxX05FAKIg5gBZe4RFRI4ELmKa4LfKQUC1xvU4djUIVmJHBQcDmQj9EsuO0iaFA9X6C5ue5LVG4Wb%2FmbZGubeG6a%2BDWmHGuwawBGMO6v6h2GTprH9VftL7sw7A7a308ZtnEOcrQZhzj0rSjl0FUvpvMUnaX3BGYXzc&ts=1624955611&ttl=1800&v=v4.1.10.1 HTTP 302
• https://cdnspace.net/cqEh9WM3aZhR7EdfynM8xbNWjLs1Ddpih2xFQwtp.png

Request Chain 82

• https://wideliv.com/b2/l/i/icon?eid=10592&n=411bda0357b37530c970026e&nid=1&sid=sjlUSamXp2gQ0AH2gk5jZpxhWWaFqsX4h6hDvoqbo8aE2LNh6KDkNf0nxN9Y18Ox8Ab0kTd5N%2BOX3Mw17q%2Bzd9IAq5BVEEbpt6icN6iAHz7Amk1mE8Tav2KfpUGuS5Aa4gyQT66YexRiPjYDTexNEUlXHgPOUHVlgIk1yttc11%2Fvj%2BJLQ6XBdtYDNU1wjbPOOqTZwl9su4fF0I9cu9Nw1n7DECpV%2FI0p6fpzw4%2BZnhxM2GLfGwx6zIXlnD%2BUo00QLQm1Uop86%2BmS30%2Bm6w0HiDm2FMA5GE3mWcZXI4gLNgUts3%2FV4w86kOxDd8tgup8BKupZdoLIfPsVjX0gKk8K8JZHUJtzOpmsTtQNvqL7Z%2Be0%2B8bYUoIamchaCBNu6Up%2BE0WUc0B4uoFQFuSriOhyHF%2BnMyRC6hlOOeplpcEOMTA%2FdEWvuY60DUUvp95GWTuUSbXdF4FJYixTYcDkNsrG0yUSLc5JGbv1wk08qCAWjepS9eD%2FoiQ%2F%2FjAbdvgH4GwaNsoYP7fzXlLe%2Fr86j8Lma70iuwXhDpKwwWzCjqGv6IFic2u6KkRJJ6fZCVDnD9h7z2%2FklR0%2Bsvtdb15X2lZZTAnMphc6GUXPKJzwQJfu2UXSLgTekAJX0dO490gHTyhI2Hem2PLxnClwcBeHh5qv%2FiPRPZAUzOIvm84nMOeZ6UA0khvxcSPYCfCea9Kk%2B0AwzQE1RW23C2aRQAt2FVjcPggGx8%2F3PhVAq3t7za9x95sH4hUuwEgk18sWn6km2AEWp1i1d7nFGi7PXwjOTeWDYZYnLajmEeCiy9UFqNOe1HJtwW%2FA6%2FAMlYSrV1qZ0HNBLR%2FWhgpEFlrZeQOQrhUJdQ90QhjqqvmiUdN2Ft7UWlC%2BgHdJAOJrFcrkh%2FawNv5epp0y%2Bjgo4lfXA0VHkJbi0dkEywxJNuslszTo7bFe5VWJ1tu%2BycVyo%2FOyaCYSzO3XGFRk2fPwGO8zi6Yb5SjqjmlYel181Snz1FPqJiB4UV2KghACpmrKHNAdrvqU%2FstKKOCGHOEiI5s67bDd7gauMhS1d1dkRD%2FogtzdBoSdZmYIWfPbNZZX1UishOZJLxop1oVeTAYKr6eMdTUYL0QfGUDWLTUFpTBixDu8Nhtyi65Alu8CCT%2B3psistgxFNo9NDTvopkIuOJADpaUdhjZCo56QpB7P625Qno9VPCIoIQvwnHeXgC559HneoJ%2Fy%2BT17DPTDiz2V0YvBVglCoouia%2Bgn%2F7SyngZzvDro4pFXoZC38EPntvPEvDcyo3hQ1mNaKYbJ4p2oMnALtYx1D1GAEt%2FXj5MdnqkQGm4WjjdaXpXWjDgzaoK7nb2Wtd9rufYkJuraoj7x6b9fW4KlzNfGrJW9c056RqzVXzo5okQa2%2FfOvV2xHJF0r75jyF6%2FEPHqD9KkY9hSl1kx6xmzAI%2Bz08c7kD%2FLgtLO%2BoKcWATCoNczzX1MtcoEt2S1jHnVQFUUjzgBrzkG5b%2BSFIDqv%2BYBE4%2FL4M7qlwdGWQFcHeUOg0Ij1YBKVTZ52vFGPEcXqB1IIJK3JZ2LzF2z783BWKI3gA%2FcP0cUm6k7HmzC3Z0ZYEeVLNanX4rMDCJVcKv8hSo0gAeWyDmCMDzJYbb3n0Fwr8hbsR39VDvAkb5tAbH3LKaYHTYBla%2FSbtkjRG7%2FmUDNFYz8vvqD5tLVORaICToKsVWoSNN6qGxq6Loh%2Bsvi0D5Xjs86Q1ERVuLcjv7vwFz37W2dmwPvSRqUIx8u%2BbgvzaRLFn2v%2BNQELlZa7N8X5sJ0nElz%2Bdt03XtbKkcVTF8yPXX6DorGTlc0z13fKbx4h5e%2Bo%2F7pgtm87nKZQ2meHMs6ArLR3ttqGL%2FeeiOMEpOfHRfP8sqGERCkhuv5NwZF5AZ0JS8&ts=1624955611&ttl=1800&v=v4.1.10.1 HTTP 302
• https://cdnspace.net/jX738fBE7PeO2UpmSiyngEtNRchCIaqY7mDemHIJ.png

Request Chain 83

• https://wideliv.com/b2/l/i/icon?eid=10592&n=ca5719522a913bd9471bea03&nid=1&sid=oZ3lV%2FaDWy%2FvHpDmHnLK8jb4JVRlsrijncxkpz2lJ8kOGNrDaVEKSHFIW1e3kSffosDb76KxObDhFpbdsxxkyYhG6dMjo1ZRJj06gYmyzsBAdJ7gSK1%2BsYQro0qifOEXdUokWSW0kg6VJLtL7Fo8ms4NCcIFWMHpHwCRg%2FmjERxrb3IEkvD9vtqOQZwVyHVk6qU5AzLXCyU3CmUB5AkwBVIno9to%2Bym%2BG7RGk8AyBy2JcFGldv038BENEXrkrwKEku%2BwjiMK51FdrDvQRzP6GmS95FK%2B3VhbUMQHKNS09k5SyEN9X%2BaqX%2FEcUF%2F4%2FwTFtjjPxZDEv9MAGhIaEA33RvM2cPf%2BxJ2ZH77maeAf2tOwp1cuN6%2FYFWRsinNW2ZhxIclumFQDrup%2FIlHbR5zU6SfAPA5Otsdr3iYdDQS9K6HBuV90RjyC%2Fa5B1RlIfuqWBlebZ8%2BCG7dOGgoPsqrjldeKDyfZ0ZeX1fdiyg4zw8lmcXtRDh6yDGR5dNBYgx0yQBn0n8Hvc9OvkvSv2Qg61R026X1UycHmZQAu1nQiQTvYZTdePKuE4i%2BayIwV7HtdxtptupKL1JXf98glW4Mo1taNLIUBuZAL%2FugdCBjEncry%2BIz1h4Y%2B38PdYQI2pFcXXVoa%2BMczucM0tjvOCjtkEatNGF7b2ZbqmFmEVcK92jn5w7QTfgF4avAf%2BUMlWDna1YnCBq1r9KyBau%2FC%2B8g6dLhC577kHRiyrcPnycEY5UzN2TnURSG%2FFHkGRb4Wp%2F8OXGYwk%2BFyMjoA3Ts3pKodjeZ9%2FiUv5HmUzocWdStplQYYFYtxnry8%2BF1gdnZu31ewUf2V5taibwV3aYXtFP1hLd3E9yNCag8U7jkv8x4HMR6%2FFCgCs9Y1o2SwnOJ%2FVyo%2BzJ3ANg5it%2FHRT%2Bwq%2BVx7uj3FFvJSysak1uk60dwLBDSugyHlzxxjB29zgWp3KipG%2FLpcylvMLPZVCSlwU68JYZ%2Bg09LBb972ag7noUEGApGTXsLhq9BSJnm3reuiIrc9V9AvcoX6R9oRIg0aZR0Vg8uyauY9vmr8J7cmxIeybf%2FIjleEwq7lxeJ4e3TseyGZkgSsqVBzEQ0f9TX8xOaOFNZHuKX2BWVhy1kRlfWgjH8PZ%2Bvjz3ahGVZyZHSMIztCls6oiBqcn%2B%2B%2FmKZw%2FpoZGxyXZjD0piClJtJRIdnMlDwf9koeQjUKHBVNLsw3wysuM3B%2FQwKjoZ%2FgrKpz33QNFAx3p84a1HkgX9WWUKS95p9y%2FHLgAVm0AQejIuTvrJJXOj%2FROQxpQLtCGxzcJ6ZzGIRz8nxWKLeN5qypAggZoNzJeZkKOwXx5SWeR%2FEeO0dcmuOD28%2Bus%2FXjceOVrL924WMfOQOrWLatkPoGT34TJZft7LWfhXKJS1LpRu4l9t1K1xCYKPJzUwTBLOlD4wDlUpFpb6ZC0GLN7IIG4xX70vat%2F7EfO3eAdrqbnYpHB3nu8gEieis02RsSwLd1xe89h4DIk3VkLsRNmMrVbXyQr8UiPNeHB%2BbCkG5oLJvcFCPEqR8fpbuSm3CsU0crBn0JVkH588%2FPJ4b6ODOP3a2Y2Z0BeD3leVS6rHAiH3wR0fcnytg7zxcBMVuFHsqWkopecKOw0YDFsEsDC2MEz231hWcorQm9rphPICGaRQz9LmxQNpWizNqGoj40nOsG6DxrqKnj2r%2FPiEMfRqNJHHq4SLCR6rVd3c4m8qoiSBmHpgV%2F1i2lhRycelszAN6AbPYUNR3%2FUF30X9kWPpbR64K%2FeWZuR9lofbAfZ4S9uio6wHd9Cp2sqwnAbDObWVlgzHnYfJK%2BXqZa4DniLAR0nHyLBTO7arCb%2B0UrPNAy7WavihNiW1Ei7ioYuui1LAebMD35AHd1jzk&ts=1624955611&ttl=1800&v=v4.1.10.1 HTTP 302
• https://cdnspace.net/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png

Request Chain 84

• https://wideliv.com/b2/l/i/icon?eid=10592&n=41565d0e7212b9bf72e283cd&nid=1&sid=%2Fz9ervzhTiXhY3V2vw8xRzT9%2F96KSd46qvUMIQqPEIZHgGZkacGw9HY6x7o8QRoMnkohoLBniQe0yVe2uqSqcwzFiTgeoO4IYqiD4JSoj7MQxgEJz3U7v%2BDfWYUX1ijMsBNpzTmlSzjTrLHwyQ9d3rdlvmJ3dYQoDTZa0yB0hDuRoJi3WRcmTDL2%2Bqw6BGLWZOMyEbbUyCufRj9Y8BBG%2F51Hc6J6kWR4gZ1iw0Zv%2FHBAcjgxb8hxokuerTswWDe25ofmL52sh%2F7bNLVBuWcjtcorIcy1yX9uQZtBDL2%2B5J9rGTcWmFN6hjhau1a0oKiC1HGUpl0cmr2SV8fGZ5%2F0YcrIilNk%2FHC9s1LA7SSWm%2BPxPxBS19tLBwRX%2B6dQ4mIf6bxRAIZ90Ihq5336g3e87SJrWaWCyNuqCcGPm4QpMIaesYiovEcoWd3gzIzz61bR3WSOTnCSBfpkkKCoe0%2BbHrfaOd%2FvtfIkS47w3pj3K3Gb7uoGertcrZ%2FKEKZPGByHXeGPv1h0i9HMd1glPzZwo%2BNbTJ%2BQoXfXWR%2BUZUTeEAg8robTTnnzvX%2BVjwj7LJ%2F4tTOCpk5KVtl1U1ufV%2FCTFH2iTGNZCCMFZ5pp88fJD75pDPwDc3hDc76ATfqQncjps%2FiEm4QgMq5oB1tBBc0znf7%2BiEHQM1D%2Fn%2FuAxLCdzFcG0%2BMVLbTowdGomnAPNLW9YHkgTGHmf5GXGLx3vfFJHpNlSOFlOhDxD%2FKWQ8THDHhogLGh2oRgCv2ol8akb1aVIkiZNIUmqsQ3L9Q7ezwXGkFl4zY31R1LQKsnvNojomw6zrHAsMJTifDtMu3Qcey1FPhrAdSoiHhm7hoMRVpweOGFT3OXjzKcWxwGcBiBmxTfdqmdw7KrQm8eWcyeWQXb6PP%2FNy5eAPzOly%2F8rDRQAHWtOl3zqWC0axdnEDY0%2FIPhrhVDS8vvq%2F9NMXmeknB78JAFb700jpZBqnziN0dwBz59QyYVaBwBknOq1fqBGtmndrka3kEKKXOnHBHz2WGiHO1xmafK4vuhXaO4WepYMg4buNzu1Sj%2BHDrbC7D1ZnZCsgWV7KHbLI9q4hCzsqvI9rSzyHe6MMxuc35SI7g1tIwoOYcOEkVElnMJCNVGkBee5i4aASEOLTy3vw6rkcrJmEmOM0rRADiwY9kYdE3%2FgR6cQUCfYlDxewSU0GZ0hdkuzWl%2F%2BMdDVK8arh7vr9mKGrfPV3%2FeGYmrQ%2FyUh0EKT2RrW1mKVoysGfv9W4rg8nmSFNry95avLK5UqmZrHJZWHmUng2KRnKGAm4SHi5uoypbxGCv9dG62K8JGsHwOPxt4d35PvIQ5ohPQq9ytKMV71i3XS2YjebDITQaBStAVKRdpUSNKwkcHKnCFMIlZRFStJr19q24MABX9FnpSEYe%2FzUpLN5ehBIYjz3sV%2FJ102FKDP8lOEsyeU9tk8KgDPGDSL3g%2Bo8mSj16e6E7M%2FNRhxf6YVe9YWaUplElJaVVHUpNJeMqcz8YX36hWNiSDT6%2FG2SjB9WkKURCM%2F%2B4UIcEnuGNrAGFcVCgZzFnJo7dg0lhk4plnvfrHtk%2BPq4bzXKwuAYWXjvswJpMQHk%2B%2Fmic77etQbdolt8srsLZiY6Qq7tlNYZ8a8oY6c91XvRSmxDUqKcJEkZaky42aWWWIxv%2BCeMzOp%2BC%2BVontLxMbuRgXj9obr42x2kTDXZ9PsBRaa2bBvlfS9bQwrqbutBQCL%2B8TkjyPEHJpFjVZDc9v%2FhM%2FN1BMEtLN7zLeOCg7oijUf6Mn%2FS8h%2BwNKE%2BcJIWCxEQ8w%2FpX5l72J3oOqOhoRy0iHCuZCSp5FNH7%2FpPzQ8%2FmP6dc1Un5KpMGN0bC6Jk0MzsN35QczIqPc%2FlT2HqBU%2BIMfHs0MaLc&ts=1624955611&ttl=1800&v=v4.1.10.1 HTTP 302
• https://cdnspace.net/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.m.langlaybank.com/	29 KB 29 KB	141ms 78ms	Document text/html	51.91.178.106 OVH
General Check archive.org Show headers Download Go to Full URL https://www.m.langlaybank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.91.178.106 , France, ASN16276 (OVH, FR), Reverse DNS server1.wapkiz.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.16 / Resource Hash 1ed8e88e3fd4390b103e78bd5110ba18455aaf3f57ac0057d45aefb06f8349ea Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Host www.m.langlaybank.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 29 Jun 2021 08:33:29 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.16 Set-Cookie m_langlaybank_com=a627b424dbdc71e16a7d62359787ee59; path=/; domain=m.langlaybank.com Expires Tue, 29 Jun 2021 08:42:44 GMT Cache-Control public Pragma no-cache Last-Modified Tue, 29 Jun 2021 08:32:44 GMT Etag 1b02313d61f03bebf1b3afc1783e82f5 Access-Control-Allow-Origin * X-XSS-Protection 1; mode=block Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 30 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:12:46 GMT content-encoding gzip x-content-type-options nosniff age 1243 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 29 Jun 2022 08:12:46 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/	59 KB 15 KB	33ms 17ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617 age 8488232 cdn-cachedat 2021-03-11 11:57:52 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff8f800002c0d66846000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:11 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid e455163fbf55c3689672495c4e904ae3 cf-ray 666dcf6e5fd82c0d-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	44ms 28ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1677552 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 5631 cf-request-id 0af87ff90200002b22dfaab000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nd7Sj9LRXTrlYuim1ik0RVea2XnEgzXS81K7kj4Al6ZsXPsmaPM0xn8rncGbb79Ro%2FbQCydWBjhmOE6MroDfKI1L5%2BwRs5nLWVfymu1eC94FiE1vUoOE9OGHaXWG8vzn594vNWuGLJO1c%2BLp0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 666dcf6e6c282b22-FRA expires Sun, 19 Jun 2022 08:33:29 GMT
GET H2	200	css fonts.googleapis.com/	684 B 457 B	17ms 15ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Akronim Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 40bc43ca7ecd29c32911aea870d0299083ee8bbf29126f46f30b583b2688f6e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 29 Jun 2021 08:33:29 GMT server ESF date Tue, 29 Jun 2021 08:33:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 29 Jun 2021 08:33:29 GMT
GET H2	200	font.css fonts.maateen.me/mukti/	298 B 543 B	133ms 95ms	Stylesheet text/css	185.199.111.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fonts.maateen.me/mukti/font.css Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.111.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-111-153.github.com Software GitHub.com / Resource Hash 23a9756aba8e233daabb2c0167c3c95483e6e16e2603f88a8731b1ad8dbf9455 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-fastly-request-id 51f730695d790bad7983a1fe0fc19588d2bfe325 date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip age 0 x-cache MISS content-length 166 x-served-by cache-fra19146-FRA access-control-allow-origin * last-modified Fri, 20 Mar 2020 13:11:57 GMT server GitHub.com x-github-request-id 1ECC:E9B2:1930862:19FCDA5:60DADAD9 x-timer S1624955609.408901,VS0,VE89 etag W/"5e74c11d-12a" vary Accept-Encoding content-type text/css; charset=utf-8 via 1.1 varnish expires Tue, 29 Jun 2021 08:43:29 GMT cache-control max-age=600 accept-ranges bytes x-proxy-cache MISS x-cache-hits 0
GET H2	200	style.css fast.wapkizcdn.xyz/css/112233.wapkiz.com/	10 KB 3 KB	49ms 22ms	Stylesheet text/css	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/css/112233.wapkiz.com/style.css Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash 083e1a9c2e3694e9316987af5f5a7fbbc23567d7efc7c2d7d2c6e31261914492 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3718 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff90400001f516f3d8000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nRXJdC5s95B6l6rCJGfOHE2xb5jz9O7afgVAwmRZGCbt7YicjcUnKkhjOpDKOnOMVSE1jI%2Fp%2BjFkl0vCrVmUh2yEkGHT3UNLhWbVEv8ZuUrQZQcDg1bU8w3im0QdZvtFbaXu7KQuk577qb1F"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control max-age=14400 cf-polished origSize=10705 cf-ray 666dcf6e6f171f51-FRA
GET H2	200	element.js Show response translate.google.com/translate_a/	10 KB 4 KB	36ms 15ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 1fcd74d69daa591bca7c9854b98e9caa10fcd3a1888f473291afcb3c5d23246f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip x-content-type-options nosniff server HTTP server (unknown) content-language en p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3850 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	136 KB 48 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2f8064965f15b802f5e8585daa147c7cdd71467a270ef3fe5afe3037e7558dc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49123 x-xss-protection 0 server cafe etag 9912502780553662519 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 29 Jun 2021 08:33:29 GMT
GET H2	200	ckeditor.js Show response cdn.ckeditor.com/4.12.1/standard-all/	630 KB 188 KB	25ms 7ms	Script application/javascript	205.234.175.175 CACHENETWORKS
General Check archive.org Show headers Download Go to Full URL https://cdn.ckeditor.com/4.12.1/standard-all/ckeditor.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash 20a7c5e3668a3109bfedf04de4c5c1af6d1afd40cbd17bed1d6a4f1db109a87f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip x-content-type-options nosniff x-cf3 H cf4ttl 604800.000 x-cf1 28810:fB.fra2:co:1621510209:cacheN.fra2-01:H content-length 192402 x-xss-protection 1; mode=block x-cf-tsc 1624927338 x-cf2 H x-frame-options sameorigin last-modified Fri, 28 Jun 2019 07:23:05 GMT server CFS 0215 x-cff B vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800, public cf4age 1466 accept-ranges bytes x-cf-rand 4.264 expires Tue, 06 Jul 2021 00:17:51 GMT
GET H2	200	style.css fast.wapkizcdn.xyz/css/mdtr.wapkiz.com/	30 KB 7 KB	47ms 21ms	Stylesheet text/css	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/css/mdtr.wapkiz.com/style.css Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash acd74247105d40647abb5bde0595b6ea96e4c6f6f0b80f95dd4cd04bf07aac8e Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3718 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff90700001f51c380c000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LO9O5O%2BeGYX9Hi9Vx7tWfSoidWpeRZ8VWlWwi1jjiKyvsMIN5I%2Bj%2Bu2Mqq518Ybyvkon7mWjh62IuUorDZmH85%2FjTveeItLN7XebZWzc5ESSrRH1ulrORaFZDYiHwLfaPPEe9niF2DFfOv7f"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control max-age=14400 cf-polished origSize=30458 cf-ray 666dcf6e6f1b1f51-FRA
GET H3-29	200	18.js Show response fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/	465 B 886 B	29ms 19ms	Script application/javascript	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/18.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash b561d83a3fdd9d3b6888dcf5e7a2d094bc142038f4ab96b0ebb3c25c215ee103 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6622 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff949000005bb64026000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u%2FUYKHSaaTyjx0hlgJ2QE%2B3WgeMQ%2BF2X2YW7KY%2BaRHsU%2FA9%2BbnBLjXZtLyCAkHmo3LJI8dX6s9R3hcDFHsDWg5uQTqNl32hxSJCEs2I9xmTh6%2Fe2jFC3s9P2b7eJ7NtXqcyacnhCYjQAncMc"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-polished origSize=824 cf-ray 666dcf6ed82005bb-FRA
GET H3-29	200	3.js Show response fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/	139 B 686 B	16ms 16ms	Script application/javascript	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/3.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash 5c915c016e4367ca1d6b01b3a50efb5b54a0027040ac6413083ff17abca754c0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6622 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff95c000005bb50940000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qYKx%2Bd6pkINLiTGahKYPCME3tDrnVGJ75YdmLzveNvZzSd8CJ6DyosXrqOVVOgSUWpCmfQuwFWq0fMgeWDaat7bIMtLw6tgcrHJeEcTZr%2FK0iMbKsYZ6wltMTLCQEIxOqxA%2BKF%2FWxpX7CWOr"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-polished origSize=182 cf-ray 666dcf6ef85e05bb-FRA
GET H3-29	200	1.js Show response fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/	148 B 702 B	13ms 13ms	Script application/javascript	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/1.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash 62d9b57f5a7b9aaf280f7629769bf5a44a13882345a17fe38a2cfa8a20f130b6 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6622 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff96f000005bb58015000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qe3DCrDBEaNMag%2FqrmfucJSzIHQnVDrwr2DbaxZmfRX0gJqt%2BxkAQ1ss0Os%2BElFgCAYNb1wKxiJgQ%2FY7%2BsBeLuRdTnpApWrHoil3yzyNZfNDKAlnGPH1XJSmSL8NOe%2FRnuinSooVmWKRpUxK"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-polished origSize=308 cf-ray 666dcf6f18a005bb-FRA
GET H3-29	200	16.js Show response fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/	87 B 663 B	21ms 21ms	Script application/javascript	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/16.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash 7ad8b48298e64d56bb45b5ebd17110632502cdf88b16379f0e73ab34b135bcad Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6622 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff96f000005bb5b066000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0wslvjyvIoQhIvpvn4qyS3dqzXa5SMt6ZXY%2FJUwUIdCKrtAEI8RhOQUyTSEP6XUOW7lcMfdwFwUWsyxKhg1kph2SRGMPuuRixLNCs7cCFg3KOhu6w8EY5pO3ZAN6JsiBQl%2FKAiU%2BuRn7YqRt"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-polished origSize=227 cf-ray 666dcf6f18a205bb-FRA
GET		popper.min.js l//cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/	0 0
GET H2	200	translateelement.css translate.googleapis.com/translate_static/css/	18 KB 4 KB	27ms 6ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/css/translateelement.css Requested by Host: translate.google.com URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:07:03 GMT content-encoding br x-content-type-options nosniff age 1586 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3130 x-xss-protection 0 last-modified Wed, 24 Feb 2021 19:45:00 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes expires Tue, 29 Jun 2021 09:07:03 GMT
GET H3-29	200	main.js Show response translate.googleapis.com/translate_static/js/element/	6 KB 6 KB	20ms 6ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/js/element/main.js Requested by Host: translate.google.com URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 07:42:29 GMT x-content-type-options nosniff age 3060 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6299 x-xss-protection 0 last-modified Mon, 24 May 2021 18:08:00 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes expires Tue, 29 Jun 2021 08:42:29 GMT
GET H2	200	6983d13883aa9b52ebc7c96725595f67.jpg i2.extraimage.info/pix/2021/06/17/	12 KB 13 KB	45ms 16ms	Image image/jpeg	2606:4700:3031::6815:604d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i2.extraimage.info/pix/2021/06/17/6983d13883aa9b52ebc7c96725595f67.jpg Requested by Host: fast.wapkizcdn.xyz URL: https://fast.wapkizcdn.xyz/css/112233.wapkiz.com/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:604d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9356811d872328a630fb250068e6e17eca280583578bb38f1fe9617c96a5358c Request headers Referer https://fast.wapkizcdn.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3718 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 12765 cf-request-id 0af87ff9b10000d70d22967000000001 last-modified Thu, 17 Jun 2021 06:49:27 GMT server cloudflare etag "31dd-5c4f09bb77ec0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wcRNpTWQ6rXFUTgpEfbYqTkMCBVR3%2BJsQAXsefq7zOP67SKgIK6g7fiZDfYelsBPUvpRI6I3Wdhcwo0GbZ%2FK9a95WPlu%2Bni7p52BpmKkrMh2WK7SQrRabssWgzXc134wVYS1mhcUXiL%2FY9AX"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes cf-ray 666dcf6f8de2d70d-FRA
GET H3-29	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	27ms 16ms	Font application/octet-stream	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Origin https://www.m.langlaybank.com Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 2207083 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 77160 cf-request-id 0af87ff99e0000dfcf650ac000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cgfPC6hYE%2FK5vvTteZJ1M0KDTNbxFZV0Z0tGnL%2Fq4lb2tMEKH0bXn4HbSHtFiHrILekZOnZUkjMACDIusZIwFvolDwtegpRcAJVIUwDcKDONMSJkILUlXJtA1H6JHlC6LAKIGYsYQa7wwmrPRA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 666dcf6f6e06dfcf-FRA expires Sun, 19 Jun 2022 08:33:29 GMT
GET H2	200	Mukti.woff fonts.maateen.me/mukti/	67 KB 67 KB	107ms 93ms	Font font/woff	185.199.111.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fonts.maateen.me/mukti/Mukti.woff Requested by Host: fonts.maateen.me URL: https://fonts.maateen.me/mukti/font.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.111.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-111-153.github.com Software GitHub.com / Resource Hash 53a585bdc3e52e992ff2d4f6485e06e5fafc58b7668f1a0dc2d03419ad601370 Request headers Origin https://www.m.langlaybank.com Referer https://fonts.maateen.me/mukti/font.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-fastly-request-id 92029d76c873e7f3a175a9bc0208914c3ef8192f date Tue, 29 Jun 2021 08:33:29 GMT via 1.1 varnish age 0 x-cache MISS x-cache-hits 0 content-length 68668 x-served-by cache-hhn4071-HHN last-modified Fri, 20 Mar 2020 13:11:57 GMT server GitHub.com x-github-request-id 4836:68D8:341612:3B1922:60DAC720 x-timer S1624955610.505430,VS0,VE87 etag "5e74c11d-10c3c" vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control max-age=600 accept-ranges bytes x-proxy-cache MISS expires Tue, 29 Jun 2021 07:19:20 GMT
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/	240 KB 89 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91041 x-xss-protection 0 server cafe etag 14008214618944263571 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 29 Jun 2021 08:33:29 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/ Frame 2D55	10 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210624/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.m.langlaybank.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.m.langlaybank.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 28 Jun 2021 17:39:07 GMT expires Mon, 12 Jul 2021 17:39:07 GMT content-type text/html; charset=UTF-8 etag 15579341980913220427 x-content-type-options nosniff content-encoding gzip server cafe content-length 4579 x-xss-protection 0 age 53662 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	11.js Show response fast.wapkizcdn.xyz/js/facebookn.wapkiz.com/	2 KB 1 KB	24ms 23ms	Script application/javascript	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/js/facebookn.wapkiz.com/11.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash 0e94cddc8dbc4d6363cc2ed0aac29b3123ba4ad235b73b357f592f875c294345 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6622 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff9d5000005bb5402f000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wEw4szfhwRPpXUsM%2BKczPudVbhKqTjfkTmmb9eiYz1ave%2Bi0z0gROx5cJcQYJEt%2FM2f6w6NKqSdY2CqQ9VlCs5ESvU8Ky7Q9kRQefEmm1U67CW6ByHkRHGDpmhjXb6%2FM%2F6WSw0gTGLuVTXNx"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-polished origSize=4152 cf-ray 666dcf6fba2c05bb-FRA
GET H3-29	200	1.js Show response fast.wapkizcdn.xyz/js/112233.wapkiz.com/	4 KB 2 KB	21ms 20ms	Script application/javascript	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/js/112233.wapkiz.com/1.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash 1ffb4e012f05d59293e24745901088230da5c21abd0410cbe7a282dc603df464 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6622 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff9d5000005bb12aec000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c0lPlzv202i637CK5wnGzoxo%2Fuvk8FsrSjbNxfGCHeYBMpOXGHs3%2F2DKf2y6%2FS%2FsCy7pBt66zWnBmW9YA%2FZrmHNgnCDUZrH99V4hqQHKonIs3z9%2FYSgQd4XUTuYfV4fXfzjZ6W%2FYqkgKp8vF"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-polished origSize=5144 cf-ray 666dcf6fba3005bb-FRA
GET H3-29	200	24.js Show response fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/	9 KB 4 KB	15ms 14ms	Script application/javascript	2606:4700:3032::6815:415d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.wapkizcdn.xyz/js/write2pay.wapkiz.com/24.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:415d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0RC6 Resource Hash a0aab9a3957ca0b35a611bc28965a3ec1e8fb49faff7abdd3f9b8549524b13fb Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6622 x-powered-by PHP/7.4.0RC6 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff9d5000005bb58b4d000000001 cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nF83JnRlir6vr8%2BwVbFe75R9lFrHCVGUbvh1qdxU9yRp4gK06vR8PawoNq9cuIbo3S7ufwxSCbJXPpwKPTG5BipAYUrng%2BfV98n9pVriIYctbde6D2H5xcrzr3aAHUSTIog07okVIb00XzhY"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 666dcf6fba3105bb-FRA
GET H/1.1	200 OK	js.php Show response u-on.eu/	298 B 509 B	100ms 18ms	Script application/x-javascript	163.172.215.201 Online SAS
General Check archive.org Show headers Download Go to Full URL https://u-on.eu/js.php?u=95541 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 163-172-215-201.rev.poneytelecom.eu Software Apache/2.4.29 (Ubuntu) / Resource Hash 145930cec9013d000924721adc6f9b69a72039f02d0e4ff280e181e034834c11 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 29 Jun 2021 08:33:29 GMT Content-Encoding gzip Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 205
GET H2	200	online.js Show response counter.jdi5.com/	4 KB 2 KB	38ms 13ms	Script application/javascript	2606:4700:3036::ac43:9c4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://counter.jdi5.com/online.js Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6639665be6806f5d74c86e4064327ebc30df7de33c53f9aea3f51d409c1a15e Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6484369 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ff9ef00004d8910375000000001 last-modified Fri, 19 Mar 2021 16:57:56 GMT server cloudflare etag W/"6054d814-116f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c9WnZfEZyoBOvwWGgl57DvAPs3qNexmtdbgHwOgSJOCU25cmDK06DL5JupQGqxkkg8FOCgf7zRCrodBTcE4zG4gBGt6sWX%2FfPHXSRxlkDS54TD6mn1s9g1kgV%2F55xG44t%2B9lqc8rG5R6%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 666dcf6fec474d89-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	21ms 21ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-46789381-15 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ec963ffa98d4022606777f4f5d23af2616b75047c3bbf0e5b8b3e6970b1bed51 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36380 x-xss-protection 0 last-modified Tue, 29 Jun 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 29 Jun 2021 08:33:29 GMT
GET H3-29	200	element_main.js Show response translate.googleapis.com/element/TE_20210503_00/e/js/element/	252 KB 90 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/js/element/main.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 25 Jun 2021 15:42:29 GMT content-encoding gzip x-content-type-options nosniff age 319860 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91906 x-xss-protection 0 last-modified Mon, 03 May 2021 09:56:24 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 25 Jun 2022 15:42:29 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	205 B 412 B	19ms 14ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.m.langlaybank.com&callback=_gfp_s_&client=ca-pub-1462624813835532 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash c08d2320afeff586b7eff1d41a80cd93a528b802f8f59e53b6df6c4c197aa8e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 196 x-xss-protection 0
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	17ms 17ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.m.langlaybank.com%2F&tn=DIV&cls=ic-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.m.langlaybank.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	16ms 15ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.m.langlaybank.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame E7F6	603 B 68 B	45ms 31ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462624813835532&output=html&adk=1812271804&adf=3025194257&lmt=1624955564&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.m.langlaybank.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624955609530&bpp=4&bdt=225&idt=63&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2310727945581&frm=20&pv=2&ga_vid=339629333.1624955610&ga_sid=1624955610&ga_hid=1968920742&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061218&oid=3&pvsid=2647813122345146&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=93 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1462624813835532&output=html&adk=1812271804&adf=3025194257&lmt=1624955564&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.m.langlaybank.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624955609530&bpp=4&bdt=225&idt=63&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2310727945581&frm=20&pv=2&ga_vid=339629333.1624955610&ga_sid=1624955610&ga_hid=1968920742&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061218&oid=3&pvsid=2647813122345146&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=93 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.m.langlaybank.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.m.langlaybank.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 29 Jun 2021 08:33:29 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 29-Jun-2021 08:48:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 29 Jun 2021 08:33:29 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 27 KB	20ms 15ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1624879999447392" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27719 x-xss-protection 0 expires Tue, 29 Jun 2021 08:33:29 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	18ms 13ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-1462624813835532&c=8&e=2570847921467975139&n=0&t=0&w=37&x=0 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	c.php u-on.eu/ Redirect Chain https://u-on.eu/c.php?u=95541&rjs=%3F**1600x1200&ljs=https%3A%2F%2Fwww.m.langlaybank.com%2F https://u-on.eu/c.php?u=95541&182be0c5cdcd5072bb1864cdee4d3d6e=1&r=&l=&rjs=?**1600x1200&l=https://www.m.langlaybank.com/	1 KB 2 KB	21ms 20ms	Image image/png	163.172.215.201 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://u-on.eu/c.php?u=95541&182be0c5cdcd5072bb1864cdee4d3d6e=1&r=&l=&rjs=?**1600x1200&l=https://www.m.langlaybank.com/ Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.172.215.201 Amsterdam, Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 163-172-215-201.rev.poneytelecom.eu Software Apache/2.4.29 (Ubuntu) / Resource Hash 295b880d044993c78310cc42705b5ca847688346953bc45248a9e3f98029348c Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 29 Jun 2021 08:33:29 GMT Cache-Control no-cache, no-store, must-revalidate Server Apache/2.4.29 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 1491 Content-Type image/png Redirect headers Date Tue, 29 Jun 2021 08:33:29 GMT Server Apache/2.4.29 (Ubuntu) Content-Type text/html; charset=UTF-8 Location c.php?u=95541&182be0c5cdcd5072bb1864cdee4d3d6e=1&r=&l=&rjs=?**1600x1200&l=https://www.m.langlaybank.com/ Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 0
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: counter.jdi5.com URL: https://counter.jdi5.com/online.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Jun 2021 17:36:57 GMT server Golfe2 age 3201 date Tue, 29 Jun 2021 07:40:08 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19661 expires Tue, 29 Jun 2021 09:40:08 GMT
GET H3-29	200	fc.php Show response counter.jdi5.com/	49 B 644 B	63ms 50ms	Script application/x-javascript	2606:4700:3036::ac43:9c4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://counter.jdi5.com/fc.php?id=f4517c5c8a20166fa2bf1b08bcf30e7d&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ref=&pn=https%3A%2F%2Fwww.m.langlaybank.com%2F&wh=1600x1200&rand=90 Requested by Host: counter.jdi5.com URL: https://counter.jdi5.com/online.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.0.33 Resource Hash f4b588c56c412f5e58c66635bcda16c962c93ca71780286e34fe473deca92b1f Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.0.33 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p4Xv%2BkNMXh5tHBWE7VVc3S%2FhOsplBuuh4L8lYEZt75je3McfcTQyPxIY3CF0dzgzzM2hlQmOmPVsWdL%2FIPANC2SGuoVzikDmcNgkDx0tqcD6kd6H2yZd9CD3IIjBJMrxPvw153hgZ03rwg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cf-request-id 0af87ffa5100001f29bea2f000000001 cf-ray 666dcf7089751f29-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block
GET H3-29	200	fc.php Show response counter.jdi5.com/	49 B 687 B	52ms 39ms	Script application/x-javascript	2606:4700:3036::ac43:9c4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://counter.jdi5.com/fc.php?id=fa665e70b6324147d18f903f0f623457&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ref=&pn=https%3A%2F%2Fwww.m.langlaybank.com%2F&wh=1600x1200&rand=52 Requested by Host: counter.jdi5.com URL: https://counter.jdi5.com/online.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.0.33 Resource Hash 43bcaf05d2cbe2a73bfd7a0cbd08b1aa3ce0c96a27803db060a5a5b8579ba117 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.0.33 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=knYCmmYayGXZPqnVMuxRI5WNtKLpyuemwRmRftfVm%2FoV0PtwxKrvo%2BNvIPVNhDyDFq4VSbReX0b%2BwFvq81UXZsiKlI%2B2e5yIBNB4eahbpDH6K90YDhXaAyzYR7l4Xfh65pf%2Bt%2Bb7LLLn0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cf-request-id 0af87ffa5100001f2972bbd000000001 cf-ray 666dcf7089731f29-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block
GET H2	200	submit.php Show response funnyfoto.xyz/ Frame 6CEE Redirect Chain https://ad.jetx.info/red2.php?rand=qR6957e738972a20c0addc6f37a36cd1e7&id=27 https://funnyfoto.xyz/submit.php?evadav=true	1 KB 1014 B	58ms 39ms	Document text/html	2606:4700:3032::6815:2223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://funnyfoto.xyz/submit.php?evadav=true Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.10 Resource Hash 87662b47d1be0d7d744bf1217a1a7d7195fc21299ed6977d53af9b444e24f9ff Request headers :method GET :authority funnyfoto.xyz :scheme https :path /submit.php?evadav=true pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.m.langlaybank.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.m.langlaybank.com/ Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/7.4.10 cf-cache-status DYNAMIC cf-request-id 0af87ffab30000bf0a0e2eb000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CdojnUM9N6BxJc1uy3pgp5SK52hOhoE3Y%2FI9CyeMmeJ62SEzobKcLm8KJehXHMX1937Y%2FoDTtzdKVZ24LNYveATRhxD8%2F2muA8PdzRjQmf6blVp5kquN%2BxHfj%2FOSEQ7AQn%2FfPoN4zg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf711f3ebf0a-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Redirect headers date Tue, 29 Jun 2021 08:33:29 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.4.10 set-cookie PHPSESSID=j4200h9ck0qsvgmodm4cn3k33t; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache location https://funnyfoto.xyz/submit.php?evadav=true cf-cache-status DYNAMIC cf-request-id 0af87ffa5a00002c19d8320000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aoi7tCNeDrsthWIkC1BWFRnGdE4Bk9%2BuRzH3jlvn2NgrXcZO0R%2BAbfdsMOTzXJgnWyupykiIXpRW%2BPM3fTlZGYO4uLsCXdaIvpxDqFMnggoBq%2B%2BsCZ%2FRgH6EQCQX3jq5PoomTVOK"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf709e392c19-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	submit.php Show response 1337x1.site/ Frame C863 Redirect Chain https://ad.jetx.info/red2.php?rand=qR6957e738972a20c0addc6f37a36cd1e7&id=2 https://1337x1.site/submit.php	345 B 749 B	61ms 37ms	Document text/html	2606:4700:3037::6815:3c4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1337x1.site/submit.php Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3c4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef Request headers :method GET :authority 1337x1.site :scheme https :path /submit.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.m.langlaybank.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.m.langlaybank.com/ Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC cf-request-id 0af87ffad100000605a182b000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vEpQ66G5RFmV1xp61yz%2Bhlac9dBEOvz3dBmYgM63N%2FwMvKypm9vVWNqKscarfO94839pN5DWXT7GoIgSAGEifJajS71tI9jTD79V5yl2GwypM7UUreDSJlziYsvvy%2FKL%2Btx9tVI%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf714e5b0605-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Redirect headers date Tue, 29 Jun 2021 08:33:29 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.4.10 set-cookie PHPSESSID=pub4uvfc2488a50hhroe48l8ss; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache location https://1337x1.site/submit.php cf-cache-status DYNAMIC cf-request-id 0af87ffa5b00002c19d33cf000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i7WHa6ohtvqt4cKLayTcOZ%2BmlXmeIM005R%2BQMLi%2BEC8WrfJ9IPk2%2FJnNWi7esEyTvRCsGbKw%2B4oxuVzNj211YJg%2B90ZELU40xcQXcoG7IbZDgoCUuWD8qNx3wWShsEmU9jnbqmKF"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf709e3b2c19-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H3-29	200	collect Show response www.google-analytics.com/j/	4 B 24 B	14ms 13ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1968920742&t=pageview&_s=1&dl=https%3A%2F%2Fwww.m.langlaybank.com%2F&ul=en-us&de=UTF-8&dt=Know%20for%20sharing%20and%20earning%7C%20Bangladeshi%20first%20mobile%20based%20tech%20forum%20and%20earning%20site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=277185577&gjid=1729674289&cid=339629333.1624955610&tid=UA-46789381-10&_gid=1661477048.1624955610&_r=1&_slc=1&z=860235928 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.m.langlaybank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1968920742&t=pageview&_s=1&dl=https%3A%2F%2Fwww.m.langlaybank.com%2F&ul=en-us&de=UTF-8&dt=Know%20for%20sharing%20and%20earning%7C%20Bangladeshi%20first%20mobile%20based%20tech%20forum%20and%20earning%20site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1529122783&gjid=1432541742&cid=339629333.1624955610&tid=UA-46789381-15&_gid=1661477048.1624955610&_r=1&gtm=2ou6n0&z=695192428 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.m.langlaybank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	collect www.google-analytics.com/	35 B 55 B	6ms 6ms	Image image/gif	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j91&a=1968920742&t=pageview&_s=2&dl=https%3A%2F%2Fwww.m.langlaybank.com%2F&ul=en-us&de=UTF-8&dt=Know%20for%20sharing%20and%20earning%7C%20Bangladeshi%20first%20mobile%20based%20tech%20forum%20and%20earning%20site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=&gjid=&cid=339629333.1624955610&tid=UA-46789381-10&_gid=1661477048.1624955610&z=918111089 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 06:35:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 7068 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	collect www.google-analytics.com/	35 B 55 B	6ms 6ms	Image image/gif	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j91&a=1968920742&t=event&_s=2&dl=https%3A%2F%2Fwww.m.langlaybank.com%2F&ul=en-us&de=UTF-8&dt=Know%20for%20sharing%20and%20earning%7C%20Bangladeshi%20first%20mobile%20based%20tech%20forum%20and%20earning%20site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=m.langlaybank.com&ea=m.langlaybank.com&el=m.langlaybank.com&_u=YAjAAUABAAAAAC~&jid=&gjid=&cid=339629333.1624955610&tid=UA-46789381-15&_gid=1661477048.1624955610&gtm=2ou6n0&cg1=m.langlaybank.com&z=542119407 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 06:35:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 7068 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 93 B	15ms 15ms	XHR text/plain	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-46789381-10&cid=339629333.1624955610&jid=277185577&gjid=1729674289&_gid=1661477048.1624955610&_u=IAhAAEAAAAAAAC~&z=763840948 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 29 Jun 2021 08:33:29 GMT content-type text/plain access-control-allow-origin https://www.m.langlaybank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	FF0000.png imgcdn1.jdi5.com/img/	128 B 509 B	32ms 21ms	Image image/png	2606:4700:3036::ac43:9c4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgcdn1.jdi5.com/img/FF0000.png Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.40 Resource Hash f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 7235377 x-powered-by PHP/5.6.40 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 128 cf-request-id 0af87ffaa700004d8932811000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ctvMsjGh69z0HiRjkmEYz7Us9qFINXJYSSl7qOz1q2VCudZz85hPIKEHFyoJCvNLtlGahHAlTFMiNTJd55uxbObLpidRiiluKfSGH6k9a3uMb4VudDVy21qSTuI5WVNclgLDWbijA4Y7tA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 666dcf710faf4d89-FRA expires Wed, 06 Apr 2022 14:43:52 GMT
GET H2	200	020202.png imgcdn1.jdi5.com/img/	129 B 469 B	32ms 22ms	Image image/png	2606:4700:3036::ac43:9c4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgcdn1.jdi5.com/img/020202.png Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9c4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.40 Resource Hash 0a3a44dacd0d77a886d42e1e3e5b21a33d46ffc43c8d911ca0b9d2ae52fb14fa Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:29 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5027635 x-powered-by PHP/5.6.40 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 129 cf-request-id 0af87ffaa700004d89150be000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vl9rb%2B0Arr8XGlcd0aR0LyFIwSqiuztn3poZA%2FoG4BJkdKwvDmngtruPQfeFvQr2xjf7OAwdG43Jv1mAUVVakl2YY7i5tO1ejo%2F2M7wCMnknVZG2ncgvrv0Za0vOuRxsgB0%2FK%2B0JseOxaw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 666dcf710fb14d89-FRA expires Mon, 02 May 2022 03:59:34 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-46789381-15&cid=339629333.1624955610&jid=1529122783&gjid=1432541742&_gid=1661477048.1624955610&_u=YAjAAUABAAAAAC~&z=1437028535 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 29 Jun 2021 08:33:29 GMT content-type text/plain access-control-allow-origin https://www.m.langlaybank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	42ms 41ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-46789381-10&cid=339629333.1624955610&jid=277185577&_u=IAhAAEAAAAAAAC~&z=425982632 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	42ms 42ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-46789381-10&cid=339629333.1624955610&jid=277185577&_u=IAhAAEAAAAAAAC~&z=425982632 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	199ms 199ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-46789381-15&cid=339629333.1624955610&jid=1529122783&_u=YAjAAUABAAAAAC~&z=831018850 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	198ms 198ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-46789381-15&cid=339629333.1624955610&jid=1529122783&_u=YAjAAUABAAAAAC~&z=831018850 Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	search.php Show response funnyfoto.xyz/ Frame 6CEE	1 KB 1 KB	97ms 84ms	Document text/html	2606:4700:3032::6815:2223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://funnyfoto.xyz/search.php Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.10 Resource Hash 7c5080448921135a0b93c1297469db614c60c35cf6e1458a57e6b39ec4c0a04f Request headers :method POST :authority funnyfoto.xyz :scheme https :path /search.php content-length 24 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://funnyfoto.xyz content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://funnyfoto.xyz/submit.php?evadav=true accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://funnyfoto.xyz Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://funnyfoto.xyz/submit.php?evadav=true Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/7.4.10 set-cookie sam=sam; expires=Thu, 29-Jul-2021 08:33:29 GMT; Max-Age=2592000; path=/; domain=funnyfoto.xyz cf-cache-status DYNAMIC cf-request-id 0af87ffaed00009ab66caa4000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pTo4CUsH0JUA9If%2FsYbsY7fxOKAdBvZ7FCwiOYgKONc7pGlqI0KEuj9DLaJn4NK7vwgld3bUEqb57zP%2BOHJ6NrnSmt3nE4VkqFErKS1fMQCVSU3HKk%2Bz2VWvi33N8oxABl304r7wKQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf717b609ab6-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H3-29	200	/ Show response 1337x1.site/ Frame C863	345 B 822 B	62ms 46ms	Document text/html	2606:4700:3037::6815:3c4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1337x1.site/ Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3c4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff46336094e47ad19b8409479d23cda45ddce49d05d879b04d29dec385fb777c Request headers :method POST :authority 1337x1.site :scheme https :path / content-length 24 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://1337x1.site content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://1337x1.site/submit.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://1337x1.site Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://1337x1.site/submit.php Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-type text/html; charset=UTF-8 set-cookie sam=sam; expires=Thu, 29-Jul-2021 08:33:29 GMT; Max-Age=2592000; path=/; domain=1337x1.xyz vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC cf-request-id 0af87ffb1300005369a63f4000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z0AEGKi5IQ9w0tSSqEUO1tMbhwBSOJ8PmBYu7GXzSNLVsn8AM%2FC230xLkk56FLjHlNK0jeKdFCTc5SlRJpWuyQbWUln%2BPvhPv3SDlRV%2BC043cs2r16xqdFOpp99AusmCUuF9IbU%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf71b90c5369-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H3-29	200	/ Show response 1337x1.site/ Frame C863	3 KB 2 KB	23316ms 23316ms	Document text/html	2606:4700:3037::6815:3c4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1337x1.site/ Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3c4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd5cb122c89c45f524e283776923e502eea63ab224a3ff05335047364920905f Request headers :method POST :authority 1337x1.site :scheme https :path / content-length 30 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://1337x1.site content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://1337x1.site/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://1337x1.site Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://1337x1.site/ Response headers date Tue, 29 Jun 2021 08:33:53 GMT content-type text/html; charset=UTF-8 set-cookie sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.xyz vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC cf-request-id 0af87ffb4e00005369c5392000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Tf%2B4GE97o4edHsmFtmbOiYSqGBQiaGma28rG7GF6nIvtNF13tDrs456sl41GZ4XmhDKStn%2Fk%2Fispi5SrPg%2FOK48%2F6RXLAN%2BRayFTCQP65SEcKfU6jbwDoC%2FITLXoRkAXqW99CLM%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf7209eb5369-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H3-29	200	930.html Show response funnyfoto.xyz/ Frame 6CEE	2 KB 2 KB	45ms 45ms	Document text/html	2606:4700:3032::6815:2223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://funnyfoto.xyz/930.html Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.10 Resource Hash 42d8998d29d1e0c7d03d4091672a8180d831a8314b847c720860a490402f93ce Request headers :method POST :authority funnyfoto.xyz :scheme https :path /930.html content-length 30 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://funnyfoto.xyz content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://funnyfoto.xyz/search.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://funnyfoto.xyz Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://funnyfoto.xyz/search.php Response headers date Tue, 29 Jun 2021 08:33:29 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/7.4.10 set-cookie sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=funnyfoto.xyz cf-cache-status DYNAMIC cf-request-id 0af87ffb4800009ab695954000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fWHohF7%2BRL6hMU7PXOL8ZHAkYlQ4UuA%2F%2BNXZs4ULrtC8E%2B0naVh%2BWYommwHbrCAcfwhdMdZXCTMa18N8Jb%2BfGDI1xFGR5dwNskEVKy0TBlJrBztmU1ODIu2f2KbeXKDhwQMATorDgg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf720bbd9ab6-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	js Show response www.googletagmanager.com/gtag/ Frame 6CEE	90 KB 36 KB	32ms 18ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-46789381-52 Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/930.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d17d94c6aedb26a37d01f5ab793ab49326520e97d4f5ce5bfd4bab5b31259c39 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36382 x-xss-protection 0 last-modified Tue, 29 Jun 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 29 Jun 2021 08:33:30 GMT
GET H2	200	waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzcyMDYsInNyYyI6Mn0=eyJ.js Show response ndroip.com/na/ Frame 6CEE	97 KB 34 KB	106ms 85ms	Script application/javascript	2606:4700:3036::ac43:8136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ndroip.com/na/waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzcyMDYsInNyYyI6Mn0=eyJ.js Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/930.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78edb782e278a4e8206e4847c7d2b4a63b731f608d165ed51d74ecb81283ac67 Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} e-tag ea2c3eda287309b55d2a09cc1ca845cd age 2255 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ffb950000969e5a9a0000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DY2eBAVXtADngO6V6%2Fp4W5NnHkZh%2F0DH9xkzHTw64EO0IeTb7pL8x4RfaH6EUzNYtfi6sSOQKYPZoLdARctjbtaCbpL7iG%2BYDcudIB7RWnfzk2DBF4aP1QeDvZKLReFDXKuINw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://funnyfoto.xyz cache-control public, max-age=14400, proxy-revalidate cf-ray 666dcf728c54969e-FRA
GET H2	200	waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODEsInNyYyI6Mn0=eyJ.js Show response msgose.com/pw/ Frame 6CEE	144 KB 51 KB	41ms 21ms	Script application/javascript	2606:4700:3034::ac43:ab50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODEsInNyYyI6Mn0=eyJ.js Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/930.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:ab50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41b8e308bf588f70811d2c8ae6e3f766e9ca0cfe1199b4094438cfab1a9c7b72 Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} e-tag db8d6154b535cd6a418517e7e354c053 age 6105 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ffb9200002c361392a000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rFffmZdotyGlKH82oEvoM%2BrhoUqYhjVsCihpaQWZWrRLJVM7mcPGlCqOxTjMc3Od1huuUwIhQrxsPnRu8D5kRYu9mI1TjXrNFHymr%2FLukYb4i17JtPeQDFLRkCrtIoeEdJwnLQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://funnyfoto.xyz cache-control max-age=14400 cf-ray 666dcf728b022c36-FRA
GET H2	200	native.js Show response pigtre.com/code/ Frame 6CEE	6 KB 2 KB	46ms 16ms	Script application/javascript	88.208.60.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pigtre.com/code/native.js?h=waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODAsInNyYyI6Mn0=eyJ Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/930.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.60.53 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.3 / Resource Hash 911935e91a6dc21aaa7c296898c18b07e24cb9a0a0114fd9b5d2094df6d4bf64 Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://funnyfoto.xyz date Tue, 29 Jun 2021 08:33:30 GMT content-encoding gzip server nginx/1.17.3 x-zone eu3 vary Accept-Encoding content-type application/javascript; charset=UTF-8
GET H3-29	200	js Show response www.googletagmanager.com/gtag/ Frame 6CEE	90 KB 36 KB	19ms 19ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-46789381-51&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-52 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7de54670e718437476e3062de14a92054279335056d496b14d2655d1f2726e93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36410 x-xss-protection 0 last-modified Tue, 29 Jun 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 29 Jun 2021 08:33:30 GMT
GET H2	200	sdk.js Show response stuiop.com/v1/ Frame 6CEE	11 KB 4 KB	73ms 54ms	Script application/javascript	2606:4700:3033::ac43:8493 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stuiop.com/v1/sdk.js?h=waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODAsInNyYyI6Mn0=eyJ&d=funnyfoto.xyz&sw=evasw.js Requested by Host: pigtre.com URL: https://pigtre.com/code/native.js?h=waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODAsInNyYyI6Mn0=eyJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:8493 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d34d2249412b9638dc4e0474620e67ffc15aa5a8fbb1db42071c3c502b558fc Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 331 x-zone eu alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ffbc500004e8c95a51000000001 server cloudflare etag W/"0Svy6eFarwbSekvr8dvjztz1jPs" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AGYKqJzRa2zRF6eApvkVq6yl1GWKU0AZ1bOwXVt3K%2B1LDhbuReQ%2FDSkn7hy%2ByvJrs6Pwzkd3C2ObrnSgi5Da3EV1CHPGrlwNFlvNguVMBlbSrUUNJm7J%2BHsj0gdM8MV6pF6zxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://funnyfoto.xyz cache-control public, max-age=14400 cf-ray 666dcf72dea54e8c-FRA
GET H2	200	wnload Show response yfetyg.com/ Frame 6CEE	0 128 B	45ms 15ms	Fetch application/javascript	2a02:b4a:1:7::9273:1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODEsImQiOiJmdW5ueWZvdG8ueHl6IiwibGkiOjF9&tz=2&if=1 Requested by Host: msgose.com URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODEsInNyYyI6Mn0=eyJ.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 2a02:b4a:1:7::9273:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 29 Jun 2021 08:33:30 GMT access-control-allow-credentials true server nginx/1.18.0 content-length 0 content-type application/javascript; charset=utf-8
GET H2	204	oZjAwMDZZUlVDUwINCQIBUwgA Show response d1esebcdm6wx7j.cloudfront.net/ Frame 6CEE	0 294 B	251ms 221ms	Script text/plain	2600:9000:2104:ba00:15:c747:87c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1esebcdm6wx7j.cloudfront.net/oZjAwMDZZUlVDUwINCQIBUwgA Requested by Host: msgose.com URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzczODEsInNyYyI6Mn0=eyJ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:ba00:15:c747:87c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:30 GMT via 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform x-amz-cf-id fvp3FhvyHTN8psfylgOlUVDg-13pjVumrYOYNNLzkMhkI6WrDwn-iw==
GET BLOB	200 OK	cd7c34e3-fc75-4153-ae92-c8b9a6d8c624 https://funnyfoto.xyz/ Frame 6CEE	91 B 0		Other application/json
General Check archive.org Show headers Download Go to Full URL blob:https://funnyfoto.xyz/cd7c34e3-fc75-4153-ae92-c8b9a6d8c624 Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/930.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 91 Content-Type application/json
GET H2	200	translate_24dp.png www.gstatic.com/images/branding/product/1x/	825 B 1 KB	27ms 5ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/1x/translate_24dp.png Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:18:50 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 880 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 825 x-xss-protection 0 expires Wed, 29 Jun 2022 08:18:50 GMT
GET H2	200	googlelogo_color_42x16dp.png www.gstatic.com/images/branding/googlelogo/1x/	910 B 998 B	28ms 7ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png Requested by Host: www.m.langlaybank.com URL: https://www.m.langlaybank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 04:01:56 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 16294 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 910 x-xss-protection 0 expires Wed, 29 Jun 2022 04:01:56 GMT
GET H2	200	translate_24dp.png www.gstatic.com/images/branding/product/2x/	2 KB 2 KB	28ms 6ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/2x/translate_24dp.png Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/css/translateelement.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://translate.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:26:35 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 415 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1847 x-xss-protection 0 expires Wed, 29 Jun 2022 08:26:35 GMT
GET		ntload tgpsew.com/ Frame 6CEE	0 0
GET H3-29	200	analytics.js Show response www.google-analytics.com/ Frame 6CEE	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-51&l=dataLayer&cx=c Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://funnyfoto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Jun 2021 17:36:57 GMT server Golfe2 age 3202 date Tue, 29 Jun 2021 07:40:08 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19661 expires Tue, 29 Jun 2021 09:40:08 GMT
GET H3-29	200	l Show response translate.googleapis.com/translate_a/ Frame CC60	3 KB 962 B	21ms 20ms	Script application/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback Requested by Host: srcdoc URL: about:srcdoc Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-tGQCthPFNhyBrVTaZFgUwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache content-security-policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-tGQCthPFNhyBrVTaZFgUwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self' content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin date Tue, 29 Jun 2021 08:33:30 GMT x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	index.js Show response funnyfoto.xyz/ Frame 6CEE	202 B 744 B	25ms 24ms	Script application/javascript	2606:4700:3032::6815:2223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://funnyfoto.xyz/index.js Requested by Host: ndroip.com URL: https://ndroip.com/na/waWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzcyMDYsInNyYyI6Mn0=eyJ.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c64f488dbf01665e06cee583abfc38dc822d685e4f701006600a0574286f71f3 Request headers Referer https://funnyfoto.xyz/930.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1722448 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0af87ffd0000009ab6a6849000000001 last-modified Wed, 09 Jun 2021 10:04:42 GMT server cloudflare etag W/"60c0923a-ca" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=krDs1Re856loU7CqP5emAw6Ha3My8bFSqcpISdrzrae7IMraVKLl6%2FtUBfzSwCUSGh12%2BXY6VOR2SPtpk8Q8XFEHqBs%2FLWS%2BcoxD7BKuctYaW3Gcc4sfMuYjzwjng%2F6lIyFBSGXPDA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 666dcf74cd429ab6-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3-29	200	submit.php Show response 1337x1.site/ Frame 2BD0 Redirect Chain https://ad.jetx.info/red2.php?id=17 https://1337x1.site/submit.php	345 B 721 B	42ms 42ms	Document text/html	2606:4700:3037::6815:3c4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1337x1.site/submit.php Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/index.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3c4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef Request headers :method GET :authority 1337x1.site :scheme https :path /submit.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://funnyfoto.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://funnyfoto.xyz/ Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC cf-request-id 0af87ffd5a00005369d49b9000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WDVkM%2FCTnkUQgGdFZH%2F5ymyUe%2Fl4jVe%2B45qt9TIKb6WbpPLputVvbTRwU4RZElMdA2vnpCo%2B51brapNdZiwos6P3ZaP3epH59IZ3CbkJkzGZkKML%2BE5q9PPdJbiZ5eqBZ0yJsUc%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf755a4b5369-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Redirect headers date Tue, 29 Jun 2021 08:33:30 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.4.10 set-cookie PHPSESSID=3a4hdtm6hn170dkrda0d00ri0o; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache location https://1337x1.site/submit.php cf-cache-status DYNAMIC cf-request-id 0af87ffd29000064372d97a000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7mHqE29oNzbZFeu6OspZtCtu0zfX1jXggC4UwcsmuZqqTgDyNmMMzkns%2BxxCUEH%2Begpy9KnfDDzPd3J5FkYSeEhb5THv2SNZUAF0u%2BjW61NfrQryMkA9Ycbf%2FI93wDAXYeMZkGPU"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf750aa86437-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H3-29	200	/ Show response 1337x1.site/ Frame 2BD0	345 B 794 B	33ms 33ms	Document text/html	2606:4700:3037::6815:3c4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1337x1.site/ Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/930.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3c4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff46336094e47ad19b8409479d23cda45ddce49d05d879b04d29dec385fb777c Request headers :method POST :authority 1337x1.site :scheme https :path / content-length 24 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://1337x1.site content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://1337x1.site/submit.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://1337x1.site Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://1337x1.site/submit.php Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-type text/html; charset=UTF-8 set-cookie sam=sam; expires=Thu, 29-Jul-2021 08:33:30 GMT; Max-Age=2592000; path=/; domain=1337x1.xyz vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC cf-request-id 0af87ffd9000005369669c9000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wH3MxaJn0Wqd0jXY4dBwnkRav6L2UgxO4i0bB7zpCXGtYQ8Pj%2BR5bfpdYADjAEQWKw%2BcPy%2BCMQWTGDPj6VE5xCCTTtYxsSj1ZPMeTjNC%2FNfX3%2Fk3yQmyiSI%2FfFyHd%2Fw3fbZQ7fg%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf75ab475369-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H3-29	200	/ Show response 1337x1.site/ Frame 2BD0	3 KB 2 KB	28ms 28ms	Document text/html	2606:4700:3037::6815:3c4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1337x1.site/ Requested by Host: funnyfoto.xyz URL: https://funnyfoto.xyz/930.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3c4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd5cb122c89c45f524e283776923e502eea63ab224a3ff05335047364920905f Request headers :method POST :authority 1337x1.site :scheme https :path / content-length 30 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://1337x1.site content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://1337x1.site/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://1337x1.site Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://1337x1.site/ Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-type text/html; charset=UTF-8 set-cookie sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.xyz vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC cf-request-id 0af87ffdb500005369b4079000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aVWjYxxZVrunxUAlEu9qBvIH3azID6hkYdqEMPVPXsdglDUgtZmNPihvgbb9V2xG04zPR7U5Thskoh%2F5%2FXMLnZeQdqhPb6Sqh%2BpMi092uOFuW6cXvVhTPk5gYLBtkFfm4J8CoS4%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 666dcf75ebda5369-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	js Show response www.googletagmanager.com/gtag/ Frame 2BD0	90 KB 36 KB	15ms 14ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-46789381-49 Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0146d8eb5b8cc84c2f385325b247cb99397e063ac9ac4f19a63634d3c1584b7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36383 x-xss-protection 0 last-modified Tue, 29 Jun 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 29 Jun 2021 08:33:30 GMT
GET H/1.1	200 OK	script.js Show response js.cdnspace.io/1/ Frame 2BD0	40 KB 12 KB	40ms 14ms	Script application/javascript	109.206.162.211 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://js.cdnspace.io/1/script.js?t=20215298 Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.206.162.211 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 211.162.serverel.net Software nginx / Resource Hash dd8f9cc6ecbd355849742f6936adc932c0ac40b7e8fca921c55d6101a2189ac2 Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 29 Jun 2021 08:33:30 GMT Content-Encoding gzip Last-Modified Tue, 15 Jun 2021 08:54:46 GMT Server nginx ETag W/"60c86ad6-a10f" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1800, public Transfer-Encoding chunked Connection keep-alive Expires Tue, 29 Jun 2021 09:03:30 GMT
GET H3-29	200	analytics.js Show response www.google-analytics.com/ Frame 2BD0	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Jun 2021 17:36:57 GMT server Golfe2 age 3202 date Tue, 29 Jun 2021 07:40:08 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19661 expires Tue, 29 Jun 2021 09:40:08 GMT
GET H2	200	w.js Show response jscdn.cloud/ Frame 2BD0	27 KB 27 KB	143ms 113ms	Script text/javascript	109.206.168.5 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://jscdn.cloud/w.js?isr=1&wtoken=18bdbc31-55ab-4f10-b621-9b377aa4165b&u=94766&userid=null&t=2063&sid=1337x1.site&r=0.633099475208815 Requested by Host: js.cdnspace.io URL: https://js.cdnspace.io/1/script.js?t=20215298 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.206.168.5 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 109.206.168.5.serverel.net Software binder-v4.1.10.1 / Resource Hash 4e85760789a59d7963df0422d6ec07228d20d01041d25b6c41a5c6e69470dad6 Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 29 Jun 2021 08:33:31 GMT server binder-v4.1.10.1 x-response-code 20200 content-length 27191 access-control-allow-methods GET, POST content-type text/javascript
GET H2	200	cqEh9WM3aZhR7EdfynM8xbNWjLs1Ddpih2xFQwtp.png cdnspace.net/ Frame 4481 Redirect Chain https://wideliv.com/b2/l/i/icon?eid=10592&n=ddfcc06d0daa881e89775e5f&nid=1&sid=UzdOOmEBgmMvHYL6TRhBLo9XVHgHPHgzBfDDv85XM55IurcCPSdT%2BoF2kqEqYvheH5sHuf7J%2B9UKvSKdl5jcSsFExU97wszb9nOONuVMPgbMw9uDOM... https://cdnspace.net/cqEh9WM3aZhR7EdfynM8xbNWjLs1Ddpih2xFQwtp.png	267 KB 268 KB	45ms 27ms	Image image/png	2606:4700:3038::6815:e9a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnspace.net/cqEh9WM3aZhR7EdfynM8xbNWjLs1Ddpih2xFQwtp.png Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd78bf1127de32a18532ac00a8dc4d1303bf8a91d279c3c9d3963fef5f2e3e1b Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:32 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 65867 x-cache-status REVALIDATED cf-ray 666dcf837809c277-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 273766 cf-request-id 0af880062e0000c2778aa31000000001 last-modified Mon, 22 Mar 2021 16:02:01 GMT server cloudflare cache-control max-age=14400 etag "9987ad2b57b721e4f9a41636c79c1a19" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p67N%2FHzF8z4tvUYmeWD9QItOOaCXOLKb0I9xZtP0stwmfd6%2FN0wLH5bCz8l1J4DMPKCwZPNQaE6BB%2F7lvJw2hf9pcw2WpwBf1XMhWmLYXXKXxnelon32WFpF3fFnPkjVVgzOARZm"}],"group":"cf-nel","max_age":604800} x-amz-request-id tx000000000000010cd0086-0060ce111c-d994179-sfo2a x-rgw-object-type Normal x-do-space cdnspace.net-sfo2 accept-ranges bytes content-type image/png x-hw 1624203247.dop010.ml1.shc,1624203247.dop010.ml1.t,1624203247.cds009.ml1.c expires Tue, 29 Jun 2021 14:15:32 GMT Redirect headers location https://cdnspace.net/cqEh9WM3aZhR7EdfynM8xbNWjLs1Ddpih2xFQwtp.png date Tue, 29 Jun 2021 08:33:32 GMT server dspclick-v3.4.6 content-length 0
GET H2	200	jX738fBE7PeO2UpmSiyngEtNRchCIaqY7mDemHIJ.png cdnspace.net/ Frame 4481 Redirect Chain https://wideliv.com/b2/l/i/icon?eid=10592&n=411bda0357b37530c970026e&nid=1&sid=sjlUSamXp2gQ0AH2gk5jZpxhWWaFqsX4h6hDvoqbo8aE2LNh6KDkNf0nxN9Y18Ox8Ab0kTd5N%2BOX3Mw17q%2Bzd9IAq5BVEEbpt6icN6iAHz7Amk1mE8... https://cdnspace.net/jX738fBE7PeO2UpmSiyngEtNRchCIaqY7mDemHIJ.png	214 KB 215 KB	46ms 26ms	Image image/png	2606:4700:3038::6815:e9a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnspace.net/jX738fBE7PeO2UpmSiyngEtNRchCIaqY7mDemHIJ.png Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6458ea02cb1fe4d8841bd4ea44fa353ac87c7f749da19260d99bd77ddbc7953 Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:32 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 55217 x-cache-status REVALIDATED cf-ray 666dcf837805c277-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 219229 cf-request-id 0af880062e0000c277d0997000000001 last-modified Wed, 16 Jun 2021 17:18:17 GMT server cloudflare cache-control max-age=14400 etag "f25d77e3b7dc5d8284f1fe12691f920d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IG2Jkt0t5wcFYC2CwfgCtSSKLlrqIMqlpz14L3kRvDCcPZg8bwjPTyCOr2N4YC1d9NobcpBk90SC8XY0BTNop%2Be%2Bpjyskoqh483jaSv7pLcox9CxzLi%2BMpttBm052%2BPZCwVmHsnH"}],"group":"cf-nel","max_age":604800} x-amz-request-id tx000000000000007e46eb0-0060d74a33-e4ce2a7-sfo2a x-rgw-object-type Normal x-do-space cdnspace.net-sfo2 accept-ranges bytes content-type image/png x-hw 1624805687.dop010.ml1.shc,1624805687.dop010.ml1.t,1624805687.cds026.ml1.c expires Tue, 29 Jun 2021 17:13:15 GMT Redirect headers location https://cdnspace.net/jX738fBE7PeO2UpmSiyngEtNRchCIaqY7mDemHIJ.png date Tue, 29 Jun 2021 08:33:32 GMT server dspclick-v3.4.6 content-length 0
GET H2	200	JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png cdnspace.net/ Frame 4481 Redirect Chain https://wideliv.com/b2/l/i/icon?eid=10592&n=ca5719522a913bd9471bea03&nid=1&sid=oZ3lV%2FaDWy%2FvHpDmHnLK8jb4JVRlsrijncxkpz2lJ8kOGNrDaVEKSHFIW1e3kSffosDb76KxObDhFpbdsxxkyYhG6dMjo1ZRJj06gYmyzsBAdJ7gSK... https://cdnspace.net/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png	206 KB 207 KB	45ms 26ms	Image image/png	2606:4700:3038::6815:e9a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnspace.net/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efdf3fc739b9aac3212aaa242f8c46c06880372fac6c070cb670b9d411f1d65f Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:32 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 70034 x-cache-status REVALIDATED cf-ray 666dcf837807c277-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 210792 cf-request-id 0af880062e0000c277db87f000000001 last-modified Sun, 06 Dec 2020 21:10:25 GMT server cloudflare cache-control max-age=14400 etag "bc3488ad9230acfdbad3f8fbb2dcfcea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FTBIGcvzbGJU0ZlRQlBlVhl8ncTPkTvdD1neKibRHXmsfDbdqb5b0AfrbTGQ1swLB0aJVh3h%2FTcgiF5cTiD6FoEAfVsDNkPlrNPDIWxJi5VSh%2Fln2%2Bqo7nSqS3G7T1h1P3qMqJlA"}],"group":"cf-nel","max_age":604800} x-amz-request-id tx0000000000000763628fa-0060c0d873-ba515c1-sfo2a x-rgw-object-type Normal x-do-space cdnspace.net-sfo2 accept-ranges bytes content-type image/png x-hw 1623336062.dop010.ml1.shc,1623336062.dop010.ml1.t,1623336062.cds215.ml1.c expires Tue, 29 Jun 2021 13:04:04 GMT Redirect headers location https://cdnspace.net/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png date Tue, 29 Jun 2021 08:33:32 GMT server dspclick-v3.4.6 content-length 0
GET H2	200	XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png cdnspace.net/ Frame 4481 Redirect Chain https://wideliv.com/b2/l/i/icon?eid=10592&n=41565d0e7212b9bf72e283cd&nid=1&sid=%2Fz9ervzhTiXhY3V2vw8xRzT9%2F96KSd46qvUMIQqPEIZHgGZkacGw9HY6x7o8QRoMnkohoLBniQe0yVe2uqSqcwzFiTgeoO4IYqiD4JSoj7MQxgEJz3... https://cdnspace.net/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png	197 KB 198 KB	34ms 16ms	Image image/png	2606:4700:3038::6815:e9a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnspace.net/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2f963c4fdfa33c45926f023b8b53aff87ef4fa1fa1a9dcafb5491a57c45f526 Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:32 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 46021 x-cache-status REVALIDATED cf-ray 666dcf83780ac277-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 201265 cf-request-id 0af880062f0000c277b9b6c000000001 last-modified Thu, 18 Jun 2020 17:05:53 GMT server cloudflare cache-control max-age=14400 etag "52348f8377090b1897cf3bd10db2a121" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ffo06EzGNjf50WKBFwuCpDYNYt%2Fwgo3TEsxQw5VigjCHVo5DvxpkeHqZKRtYbKPs3lMvmxOwLoQZIe1HiGzr1FeynptebpPTKUQKO4okR%2BRfcSE%2BNOpsx%2FGBrIwHyi9tNN4qEYbj"}],"group":"cf-nel","max_age":604800} x-amz-request-id tx0000000000000023a4e54-0060cf60f9-de69df4-sfo2a x-rgw-object-type Normal x-do-space cdnspace.net-sfo2 accept-ranges bytes content-type image/png x-hw 1624286672.dop029.ml1.shc,1624286672.dop029.ml1.t,1624286672.cds223.ml1.c expires Tue, 29 Jun 2021 19:04:03 GMT Redirect headers location https://cdnspace.net/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png date Tue, 29 Jun 2021 08:33:32 GMT server dspclick-v3.4.6 content-length 0
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame C863	90 KB 36 KB	19ms 19ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-46789381-49 Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0ffcdd22626107ef30db77fc796388c4e8e80ab6dbe04a54496eefb58eafd973 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:53 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36381 x-xss-protection 0 last-modified Tue, 29 Jun 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 29 Jun 2021 08:33:53 GMT
GET H/1.1	200 OK	script.js Show response js.cdnspace.io/1/ Frame C863	40 KB 12 KB	14ms 14ms	Script application/javascript	109.206.162.211 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://js.cdnspace.io/1/script.js?t=20215298 Requested by Host: 1337x1.site URL: https://1337x1.site/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.206.162.211 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 211.162.serverel.net Software nginx / Resource Hash dd8f9cc6ecbd355849742f6936adc932c0ac40b7e8fca921c55d6101a2189ac2 Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 29 Jun 2021 08:33:53 GMT Content-Encoding gzip Last-Modified Tue, 15 Jun 2021 08:54:46 GMT Server nginx ETag W/"60c86ad6-a10f" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1800, public Transfer-Encoding chunked Connection keep-alive Expires Tue, 29 Jun 2021 09:03:53 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	18ms 18ms	XHR application/json	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210624&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7f03dad2b36d49f9176296bd9e28d3d5bbffa32fb1a8a0284fbbc279f65998ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 29 Jun 2021 08:33:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8556 x-xss-protection 0
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame C863	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Jun 2021 17:36:57 GMT server Golfe2 age 3225 date Tue, 29 Jun 2021 07:40:08 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19661 expires Tue, 29 Jun 2021 09:40:08 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1462624813835532&plah=www.m.langlaybank.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 08:33:53 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 expires Tue, 29 Jun 2021 08:33:53 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 71D6	12 KB 5 KB	14ms 14ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.m.langlaybank.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.m.langlaybank.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5029 date Tue, 29 Jun 2021 08:10:18 GMT expires Wed, 29 Jun 2022 08:10:18 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1415 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 92ED	783 B 760 B	31ms 31ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 65a9cc42b2b5d6fe83aa63d2b8354e1b3bbe806823a96169f54de89e71f50ee9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-c2Rrj1rQSPQMtNfjKMW/VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.m.langlaybank.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.m.langlaybank.com/ Response headers expires Tue, 29 Jun 2021 08:33:53 GMT date Tue, 29 Jun 2021 08:33:53 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-c2Rrj1rQSPQMtNfjKMW/VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response pagead2.googlesyndication.com/bg/ Frame 71D6	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 29 Jun 2021 07:00:16 GMT content-encoding br x-content-type-options nosniff age 5617 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5767 x-xss-protection 0 last-modified Tue, 22 Jun 2021 16:28:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 29 Jun 2022 07:00:16 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	16ms 15ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210624&jk=2647813122345146&bg=!5-Sl5KDNAAYo4NJEKOA7ACkAdvg8WtsysopmNf7StvIHur4LQRVXfTysBulHyxaoeYBCHjD2nrtUEAIAAABvUgAAAAloAQeZAnfH6ULU2WHep8YGk67GT8f_KQ5AO9Pv-penjy5eDgjt3mhH9uUF6UUCBWdb6-iGJsm1lywqmYKxO0AtO5KBlQhPTrYFlEcJSrtsB11fWOlQ2rIiFpAH0_p8J8vAIXPDznRau0p_MNuV1tUKMDroydjd4s7WVmtqcStsUo3BdhLK8lrM4DzzbOREMYLxQe3cpq--uXHdZx73MRYUd3tlIwFJHTetVBFGVAPxEvdQNAf_fOSC1ajDq9C4SPOOtOyRoWkGIi3RdIw8ZQVIO5jg9l2qjrBYCojcj0VXlWtceN5teU29bv1i-IXImLVCwwdfUfp9fD827cT9wEb6NRBgk6NT8x1IAvQvEHYeig5VXNmGFhwiXMF_YUS6d4J_WHWT0oPc4pNGJwef3kb_nlwO4V_47Cq2IeBM06Lxg2tngkjHOF2qyGVt8jzDc-cWZSen6o5ZIYi4Z1QhfB9UFw4XytIOkDPEGv2AIkmJx85li6Wnsolq8hyhNC5GCAKqSVYPFlwHrKObyrO8f8cKc0tpOXtF_8P0fZzrKoL6v8DFGQNNTxD1LZ5aHq0z_5kquhvvvn-cnP7GhP25MFQBE3q01yUkL5sMH5d_iaWPqoLkSZxhUzXY3bBmO4YfWHSeBd7GDOkGsEQe2dm7dQl6820EC4sCWQE3pbwR5Td9eyAZXwWmkHvrEDphKwGO-clENE6BvMp4jPy6iuuodwL8IZPw2aQD7rifTYL3QE_dnWHJYq_Hqst07-2tgHnR21pkzDgnajuufbEMK5v7Uu5pChJcMOqE1EVGEoAmSQfkh1xIMnaSPv5HegcvjPUrZaWwq4X-LtfCb7LnzBzj Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.m.langlaybank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 29 Jun 2021 08:33:53 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	w.js Show response jscdn.cloud/ Frame C863	27 KB 27 KB	133ms 133ms	Script text/javascript	109.206.168.5 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://jscdn.cloud/w.js?isr=1&wtoken=18bdbc31-55ab-4f10-b621-9b377aa4165b&u=824613&userid=null&t=2063&sid=1337x1.site&r=0.6059086862100016 Requested by Host: js.cdnspace.io URL: https://js.cdnspace.io/1/script.js?t=20215298 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.206.168.5 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 109.206.168.5.serverel.net Software binder-v4.1.10.1 / Resource Hash 72fe6e2ea0876d37447f6228f97ec84255261766d4744507f2384aa6efb54efa Request headers Referer https://1337x1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 29 Jun 2021 08:33:54 GMT server binder-v4.1.10.1 x-response-code 20200 content-length 27224 access-control-allow-methods GET, POST content-type text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

l

URL

http://l//cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Domain

tgpsew.com

URL

https://tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTA2NDIxNiwid2lkIjoxNzcyMDYsImQiOiJmdW5ueWZvdG8ueHl6IiwibGkiOjV9&tz=2&if=1