www.do04.work Open in urlscan Pro
142.250.65.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.do04.work/
Submission: On January 12 via api (January 12th 2024, 9:41:54 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 19 domains to perform 40 HTTP transactions. The main IP is 142.250.65.243, located in United States and belongs to GOOGLE, US. The main domain is www.do04.work.
TLS certificate: Issued by GTS CA 1D4 on December 13th 2023. Valid for: 3 months.

This is the only time www.do04.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	142.250.65.243 142.250.65.243	15169 (GOOGLE) (GOOGLE)
7	142.250.72.105 142.250.72.105	15169 (GOOGLE) (GOOGLE)
1	142.250.80.40 142.250.80.40	15169 (GOOGLE) (GOOGLE)
4	170.249.194.154 170.249.194.154	63410 (PRIVATESY...) (PRIVATESYSTEMS)
1	104.26.6.214 104.26.6.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.64.65 142.250.64.65	15169 (GOOGLE) (GOOGLE)
2	144.76.38.164 144.76.38.164	24940 (HETZNER-AS) (HETZNER-AS)
2	162.0.208.108 162.0.208.108	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	199.232.36.84 199.232.36.84	54113 (FASTLY) (FASTLY)
1 7	104.26.11.47 104.26.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.40.206 142.251.40.206	15169 (GOOGLE) (GOOGLE)
3	23.56.163.9 23.56.163.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
1	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
2	104.243.38.177 104.243.38.177	23470 (RELIABLESITE) (RELIABLESITE)
1	104.21.234.186 104.21.234.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.57.101 104.16.57.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	17

3 142.250.65.243 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f19.1e100.net

www.do04.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.72.105 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 170.249.194.154 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.1245inc.com

sharemyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heapsgoodtraffic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.214 (None, )

ASN13335 (CLOUDFLARENET, US)

www.publish0x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.65 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.38.164 (Bad Bellingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.38.76.144.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.0.208.108 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-2974.zerads.com

zerads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.36.84 (New York, United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.26.11.47 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.netvisiteurs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.163.9 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-9.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.243.38.177 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
PTR: disuanqi.dadongeng.cn

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.186 (None, )

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	netvisiteurs.com 1 redirects www.netvisiteurs.com	12 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 10715	72 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1083	2 KB
3	sharemyads.com sharemyads.com	2 KB
3	do04.work www.do04.work	53 KB
2	ibb.co i.ibb.co — Cisco Umbrella Rank: 9464	619 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	307 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1174	21 KB
2	zerads.com zerads.com — Cisco Umbrella Rank: 672521	1 KB
2	a-ads.com acceptable.a-ads.com — Cisco Umbrella Rank: 164698 static.a-ads.com — Cisco Umbrella Rank: 36309	193 KB
2	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 21709	460 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
1	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 108024	15 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
1	heapsgoodtraffic.com heapsgoodtraffic.com	80 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10066	17 KB
1	publish0x.com www.publish0x.com	51 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	92 KB
40	19

	Domain	Requested by
7	www.netvisiteurs.com	1 redirects www.do04.work www.netvisiteurs.com static.cloudflareinsights.com
5	www.blogger.com	www.do04.work www.blogger.com
3	ct.pinterest.com	s.pinimg.com www.do04.work
3	sharemyads.com	www.do04.work sharemyads.com
3	www.do04.work	www.do04.work
2	i.ibb.co	zerads.com
2	www.google-analytics.com	www.googletagmanager.com
2	s.pinimg.com	www.do04.work s.pinimg.com
2	zerads.com	www.do04.work
2	resources.blogblog.com	www.do04.work
1	static.cloudflareinsights.com	www.netvisiteurs.com
1	images.weserv.nl	www.netvisiteurs.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.a-ads.com	acceptable.a-ads.com
1	fonts.googleapis.com	acceptable.a-ads.com
1	heapsgoodtraffic.com	sharemyads.com
1	acceptable.a-ads.com	www.do04.work
1	blogger.googleusercontent.com	www.do04.work
1	www.publish0x.com	www.do04.work
1	www.googletagmanager.com	www.do04.work
40	20

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
do04work.blogspot.com
zerads.com

Subject Issuer	Validity	Valid
www.do04.work GTS CA 1D4	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
mail.sharemyads.com R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
publish0x.com GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
*.zerads.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
heapsgoodtraffic.com R3	`2023-12-07` - `2024-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ibb.co R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
weserv.nl GTS CA 1P5	`2023-12-13` - `2024-03-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.do04.work/
Frame ID: 946EEF9C65344091484CA199954334AE
Requests: 20 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/2287310?size=Adaptive&background_color=transparent&text_color=ffffff&title_color=ffffff&link_color=ffffff
Frame ID: 21FDF82EAFDF682869D65C9416D22671
Requests: 4 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=300&ref=3714
Frame ID: 97029B40D1B8C6F627B9A8BCC6E56947
Requests: 3 HTTP requests in this frame

Frame: https://zerads.com/ad/pop.php?ref=3714
Frame ID: 7319927D0E3B5D703A6A4A5C681BAAE9
Requests: 1 HTTP requests in this frame

Frame: https://www.netvisiteurs.com/promotion-88485.php
Frame ID: 1AEEC6F75AD201A8742A48D267AC3BA7
Requests: 5 HTTP requests in this frame

Frame: https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687
Frame ID: 3EE04FCCF60465E8F3CDB565ED15671B
Requests: 3 HTTP requests in this frame

Frame: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 5C6934A34C0B06801EF213E1E2F1B075
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9ACB503B0C93BFB33DF70EFDFDFAA66F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Do Zero For Work

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

40
Requests

98 %
HTTPS

0 %
IPv6

19
Domains

20
Subdomains

17
IPs

3
Countries

1283 kB
Transfer

1815 kB
Size

21
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/comment.g?blogID=5699412899298250280&postID=8313556091845643168&isPopup=true
Title: No comments:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=5699412899298250280&postID=8313556091845643168

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8313556091845643168&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8313556091845643168&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8313556091845643168&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8313556091845643168&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8313556091845643168&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment.g?blogID=5699412899298250280&postID=2099049333270319966&isPopup=true
Title: No comments:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=5699412899298250280&postID=2099049333270319966

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=2099049333270319966&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=2099049333270319966&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=2099049333270319966&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=2099049333270319966&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=2099049333270319966&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment.g?blogID=5699412899298250280&postID=8205484254539276112&isPopup=true
Title: No comments:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=5699412899298250280&postID=8205484254539276112

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8205484254539276112&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8205484254539276112&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8205484254539276112&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8205484254539276112&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5699412899298250280&postID=8205484254539276112&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://do04work.blogspot.com/
Title: RESET PAGE

Search URL Search Domain Scan URL

URL: https://zerads.com/index.php?view=site&id=3714
Title: ⇑ Your Ad Here ⇑

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.netvisiteurs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.do04.work/ 52 KB
12 KB 177ms
84ms Document
text/html 142.250.65.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f19.1e100.net

Software

GSE /

Resource Hash

2bca183212b967c80fb883600b52af9433ac7f037695d259acf75565dbdce370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 12233
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 21:41:48 GMT
etag: W/"760d3744c975c5be3c2e12b26aac565924f91fa29ac63991dffa25dda9021689"
expires: Fri, 12 Jan 2024 21:41:48 GMT
last-modified: Tue, 09 Jan 2024 00:10:33 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 78ms
18ms Stylesheet
text/css 142.250.72.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f9.1e100.net

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 09 Jan 2025 02:52:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 100ms
41ms Script
application/javascript 142.250.80.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N79FZ7TNJB

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a69fcf79579b99ba70fdb40770714d90a85402d80eb414f1a3923c6a1dec9f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jan 2024 21:41:48 GMT

GET
H2 404 script.js
www.do04.work/ 0
0 76ms
69ms Script
text/html 142.250.65.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.do04.work/script.js

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f19.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 10912
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon18_email.gif
resources.blogblog.com/img/ 164 B
279 B 29ms
25ms Image
image/gif 142.250.72.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_email.gif

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f9.1e100.net

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:04:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 218260
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 17 Jan 2024 09:04:08 GMT

GET
H2 200 / Show response
sharemyads.com/view/300/ 1 KB
775 B 182ms
43ms Script
text/javascript 170.249.194.154
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL

https://sharemyads.com/view/300/?uid=732

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.249.194.154 , United States, ASN63410 (PRIVATESYSTEMS, US),

Reverse DNS

host.1245inc.com

Software

Apache/2 /

Resource Hash

646e570fa9104f5bb26f9ce1f144f170340a931818a0fe7721408a64f834b53b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
server: Apache/2
vary: Accept-Encoding,User-Agent
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private, must-revalidate
content-length: 568
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 code Show response
www.publish0x.com/widget/ 137 KB
51 KB 159ms
79ms Script
application/javascript 104.26.6.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publish0x.com/widget/code

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.214 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d4a225a47b8255158a2472f3a2668b19d8e75abd4e425125f6991fa8b00bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"72d5d587fc9374cd2f753fb87d4f96d94dc81bd6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZKIJHETu%2FSnWP%2BXMyHBse8NuC55iCHpUUup7nVfJMTP2P84JWbnbylY%2BZFOz99w4%2B7rPaTixJc0jAkBk3el%2Ffih9zv2VBU90p%2BgvxJI8lFMz9r6VnnSDy5wG3PDHUnUVVBd"}],"group":"cf-nel","max_age":604800}
cache-control: must-revalidate, no-cache, private
x-frame-options: SAMEORIGIN
x-robots-tag: all
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization
cf-ray: 844890d178ea19ef-EWR

GET
H2 200 577263412-widgets.js Show response
www.blogger.com/static/v1/widgets/ 161 KB
58 KB 80ms
22ms Script
text/javascript 142.250.72.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/577263412-widgets.js

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f9.1e100.net

Software

sffe /

Resource Hash

9fba97eb8920d6a89bf0576db418a9369a56a94b5d55e8add37d92ad5c9f6c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59320
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 09 Jan 2025 09:09:20 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 39ms
38ms Stylesheet
text/css 142.250.72.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5699412899298250280&zx=51109fca-0d56-4b1e-832a-e46432b3f1e9

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jan 2024 21:41:48 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AVvXsEiSm371YVsAO8zF-_c91zPjt5ZA8bYlC2vILduX5vHqLGJBFx6lanPXJhCNpWER-b3-qYkAPztL1c4wOJ9vfuGnTxvvsCoAmZyvipvonvTR2VRd6u7KGP0Jgv7hIc1Ju6pEgFoE2ExJqYe616k_s5gy3mKOjnmOyYSZmZnreWzW-AW6BkyD8Ru4xLKN_lxZ=...
blogger.googleusercontent.com/img/a/ 16 KB
17 KB 244ms
176ms Image
image/gif 142.250.64.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiSm371YVsAO8zF-_c91zPjt5ZA8bYlC2vILduX5vHqLGJBFx6lanPXJhCNpWER-b3-qYkAPztL1c4wOJ9vfuGnTxvvsCoAmZyvipvonvTR2VRd6u7KGP0Jgv7hIc1Ju6pEgFoE2ExJqYe616k_s5gy3mKOjnmOyYSZmZnreWzW-AW6BkyD8Ru4xLKN_lxZ=s300

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f1.1e100.net

Software

fife /

Resource Hash

56d2b2d8cbe5ff5040adaf0bb708aa7e617c931b644e53d28de08b9121f8a560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v10"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="online.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16818
x-xss-protection: 0
expires: Sat, 13 Jan 2024 21:41:48 GMT

GET
H2 200 2287310 Show response
acceptable.a-ads.com/ Frame 21FD 25 KB
6 KB 356ms
110ms Document
text/html 144.76.38.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/2287310?size=Adaptive&background_color=transparent&text_color=ffffff&title_color=ffffff&link_color=ffffff

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.38.164 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.164.38.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

90d264e56c08b36849f80f2df5faa908fdecb8a1e862136fccc1874f1e8f6244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.do04.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 12 Jan 2024 21:41:48 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://www.do04.work/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ad.php Show response
zerads.com/ad/ Frame 9702 770 B
707 B 427ms
130ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/ad.php?width=300&ref=3714
Requested by: Host: www.do04.work
URL: https://www.do04.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 83d941f34d9260466e09c843ed9673af4f9d21d494dd8a2e8288f990152788e2

Request headers

Referer: https://www.do04.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 461
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 21:41:48 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK pop.php Show response
zerads.com/ad/ Frame 7319 122 B
380 B 426ms
130ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/pop.php?ref=3714
Requested by: Host: www.do04.work
URL: https://www.do04.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 6bac0fa84726cb25e7658ae07c85529fc68bba9bd48f90157fde3131b3834adc

Request headers

Referer: https://www.do04.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 134
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 21:41:48 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 404 none
www.do04.work/ 41 KB
41 KB 68ms
66ms Image
text/html 142.250.65.243
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.do04.work/none

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f19.1e100.net

Software

GSE /

Resource Hash

28c9f51362fde1804076a04d1a13be3d3f62e0212d3ee04c562d47317f282cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 10910
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg_black_70.png
resources.blogblog.com/blogblog/data/1kt/travel/ 84 B
181 B 20ms
20ms Image
image/png 142.250.72.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/travel/bg_black_70.png

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f9.1e100.net

Software

sffe /

Resource Hash

4f01951293a11116b89b6e19f70cb9b72b2e3a68b2005c75d1d9b8e7b85eb35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 12:06:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 207300
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 17 Jan 2024 12:06:48 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 23ms
23ms Image
image/png 142.250.72.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f9.1e100.net

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:49:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 258738
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 16 Jan 2024 21:49:30 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 98ms
97ms Stylesheet
text/css 142.250.72.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5699412899298250280&zx=51109fca-0d56-4b1e-832a-e46432b3f1e9

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jan 2024 21:41:48 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 46ms
8ms Script
application/javascript 199.232.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.do04.work
URL: https://www.do04.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.36.84 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: br
x-cdn: fastly
etag: "261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1836

GET
H2 200 promotion-88485.php Show response
www.netvisiteurs.com/ Frame 1AEE 4 KB
2 KB 376ms
334ms Document
text/html 104.26.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netvisiteurs.com/promotion-88485.php

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3d580feb8309c93e3f3abc3ce1c8d1bf69b726cda291c85f7bce7016bc7d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.do04.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844890d308551869-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 21:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: unsafe-url
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kSOXU58g6SLqFTA58mR97Ov9M%2Fc%2Fo1NlGGr%2FyW687Jz0BqXQ7gASDh8JD0H2pz5Y3Z0ZO%2F8VxfEBWiEUJ9edLidrnrWB3EUbYDI9JofoDBb49rWmyAOUVLc8agxJqafjnZqx597"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 50ms
18ms Ping
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N79FZ7TNJB&gtm=45je41a0v9174478216&_p=1705095708383&gcd=11l1l1l1l1&dma=0&cid=2072873798.1705095709&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705095708&sct=1&seg=0&dl=https%3A%2F%2Fwww.do04.work%2F&dt=Do%20Zero%20For%20Work&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=574
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N79FZ7TNJB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 21:41:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.do04.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fv.php Show response
sharemyads.com/view/300/ Frame 3EE0 2 KB
955 B 52ms
52ms Document
text/html 170.249.194.154
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL

https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687

Requested by

Host: sharemyads.com
URL: https://sharemyads.com/view/300/?uid=732

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.249.194.154 , United States, ASN63410 (PRIVATESYSTEMS, US),

Reverse DNS

host.1245inc.com

Software

Apache/2 /

Resource Hash

d4ecca7777aef60bf2ab540e42ca9e77d89568572fc9bb7b1e08ba9dd885724c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.do04.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, must-revalidate
content-encoding: gzip
content-length: 880
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 21:41:48 GMT
expires: Sun, 11 Feb 2024 21:41:48 GMT
server: Apache/2
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 main.43c0095c.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 6ms
5ms Script
application/javascript 199.232.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.36.84 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: br
x-cdn: fastly
etag: "1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 19076

GET
H2 200 / Show response
ct.pinterest.com/user/ 298 B
710 B 191ms
33ms XHR
application/json 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614476195358&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1705095708738&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.6e24c317.1705095708.3100e7be
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=600
content-length: 173
x-pinterest-rid: 8272958409300124
pin-unauth: dWlkPU0ySmpNRGt4WmpVdE16QmlNaTAwTjJNNUxXSmpOalF0WWpZek5UZ3pNakV6TkdOaw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.do04.work
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
456 B 193ms
37ms Image
image/gif 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614476195358&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.do04.work%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1705095708741

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 21:41:48 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6e24c317.1705095708.3100e7bf
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1462819963685328
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 heaps-good-traffic-hgt-300x250n.gif
heapsgoodtraffic.com/img/banners/ Frame 3EE0 79 KB
80 KB 311ms
36ms Image
image/gif 170.249.194.154
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapsgoodtraffic.com/img/banners/heaps-good-traffic-hgt-300x250n.gif

Requested by

Host: sharemyads.com
URL: https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.249.194.154 , United States, ASN63410 (PRIVATESYSTEMS, US),

Reverse DNS

host.1245inc.com

Software

Apache/2 /

Resource Hash

69ea0c339ef3b3bdadeef86e91cb8dded557f3b4e0d8b1e6d79639b221077503

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sharemyads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:49 GMT
last-modified: Fri, 27 Nov 2020 02:07:46 GMT
server: Apache/2
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 80964
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2024 21:41:49 GMT

GET
H2 200 icon.ico
sharemyads.com/img/ Frame 3EE0 1 KB
541 B 47ms
46ms Image
image/x-icon 170.249.194.154
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sharemyads.com/img/icon.ico

Requested by

Host: sharemyads.com
URL: https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.249.194.154 , United States, ASN63410 (PRIVATESYSTEMS, US),

Reverse DNS

host.1245inc.com

Software

Apache/2 /

Resource Hash

ee991847f3b45fa022ba135496088d51010f35c47fc49da7abdee95679326682

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 12:33:19 GMT
server: Apache/2
vary: Accept-Encoding,User-Agent
content-type: image/x-icon
cache-control: public
accept-ranges: bytes
content-length: 439
x-xss-protection: 1; mode=block
expires: Sat, 11 Jan 2025 21:41:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 21FD 5 KB
1 KB 70ms
19ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2287310?size=Adaptive&background_color=transparent&text_color=ffffff&title_color=ffffff&link_color=ffffff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:26:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 21:41:48 GMT

GET
H2 200 120x60
static.a-ads.com/a-ads-banners/406673/ Frame 21FD 187 KB
187 KB 110ms
98ms Image
image/gif 144.76.38.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/406673/120x60?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2287310?size=Adaptive&background_color=transparent&text_color=ffffff&title_color=ffffff&link_color=ffffff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.38.164 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.38.76.144.clients.your-server.de
Software: nginx /
Resource Hash: e444ff56622801e19d42182557e2e01bb91d342065976e80cab058a3e08d7eea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
x-amz-version-id: P7c7DxiHUy0EuwFirXI.pSbSxChu1RlT
last-modified: Thu, 04 Aug 2022 08:12:38 GMT
server: nginx
x-amz-request-id: DF6G7QDKBZHF1N9C
etag: "47a7d5d2cde9de218ab1befc09b4070c"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 191265
x-amz-id-2: 3Wv0mnLTQWY+EMtK/z4z6xp9PcdPO20jPkNhlRtUyDqTIZPMWRsAkzNs4cYHDBce2pdxtSgusDo=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 21FD 46 KB
46 KB 34ms
10ms Font
font/woff2 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acceptable.a-ads.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:41:54 GMT
x-content-type-options: nosniff
age: 241194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 02:41:54 GMT

GET
H2 200 fav.png
i.ibb.co/zbtMxW5/ Frame 9702 657 B
900 B 30ms
4ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zbtMxW5/fav.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=3714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
last-modified: Sat, 08 Jan 2022 17:29:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 657
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bcgame-1-2.gif
i.ibb.co/q0jqcK3/ Frame 9702 617 KB
618 KB 30ms
5ms Image
image/gif 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/q0jqcK3/bcgame-1-2.gif
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=3714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: e71177549e3b87df4ad4ec2012156e4837f7bfe4d1c2607480136702a0b02086

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
last-modified: Tue, 17 Oct 2023 14:03:59 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 631678
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
images.weserv.nl/ Frame 1AEE 15 KB
15 KB 46ms
13ms Image
image/png 104.21.234.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=zupimages.net/up/23/35/2fm7.png

Requested by

Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/promotion-88485.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7973b83ee7354104b42886f6f6a9191f07acdd209bffd87d72e8b9a783c02e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.netvisiteurs.com/promotion-88485.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 12 Jan 2024 21:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22058
x-cache-status: MISS
x-upstream-response-length: 19503
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400
content-length: 15026
last-modified: Mon, 01 Jan 2024 04:51:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e0k13plnUPZMFchlkcklXYkprfx8EsHuRfToT2idc2PcnUZUJF%2B6r4%2F4LhDxgpjDJsG8GVZlJTZhW2Xh%2B9OUy51zkoSivDrdi1RZcxIu4qjdRVdv0XiDptuBd3Plv6q2HR0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://www.zupimages.net/up/23/35/2fm7.png>; rel="canonical"
cf-ray: 844890d55d004223-EWR
expires: Tue, 31 Dec 2024 04:51:55 GMT

GET
H2 200 rocket-loader.min.js Show response
www.netvisiteurs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 1AEE 12 KB
4 KB 8ms
6ms Script
application/javascript 104.26.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netvisiteurs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/promotion-88485.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.netvisiteurs.com/promotion-88485.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658bfe17-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itDlqmcBqUzltekHGpWodPpxT9qgpiRcmo2w5VCPLa5BnXaWM9aKf7AAgvJsBTBqxySRQZkqGcBLbjOcEON7cZq7bcJt2C5%2FlQBS3wVINj0cyJD5VzNjBO2ZvQIbQXhQ76Y%2B1iXl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 844890d53b5f1869-EWR
expires: Sun, 14 Jan 2024 21:41:48 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 1AEE 20 KB
7 KB 58ms
43ms Script
text/javascript 104.16.57.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/promotion-88485.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.netvisiteurs.com/promotion-88485.php
Origin: https://www.netvisiteurs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:49 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 844890d54cab0ca4-EWR

GET
H3

200

main.js Show response
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 5C69
Redirect Chain

https://www.netvisiteurs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

11ms
11ms

Script
application/javascript

104.26.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: www.do04.work
URL: https://www.do04.work/

Protocol

Server

104.26.11.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70643a722842e572ee20875a08232abb9054fccbe4dac82fe4c3437e3db24f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FxELhVV86eCPwT8QKAuJfHVFGrdNMngKM7oFsVv2p%2FNVocgw1vPVsPDm0LzdbnzQWpkzRIgSQU05Axh1SnQnDla%2Bz%2FA3PMLEDLwx4WghjTTvoZsSzBtAokNR8S7ODaFtccsKplK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 844890d5ca6f6a53-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 12 Jan 2024 21:41:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV72qIpmBGLzSTnQhdMYvgirz25E8dm6Fca89TDktGQYsS1Kt%2BA7gcHKby57eiKo5csYfpuJKa8kSUb%2BRVn%2FvTqJ053IeVQLD9t2%2BLT6hjKCPtztUq4TIwxkX88v0aZUaVMUG6Iq"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 844890d5aa236a53-EWR
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
www.netvisiteurs.com/cdn-cgi/ Frame 1AEE 0
144 B 9ms
8ms XHR
text/plain 104.26.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netvisiteurs.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.netvisiteurs.com/promotion-88485.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 Jan 2024 21:41:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.netvisiteurs.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 844890d5ca6c6a53-EWR

POST
H3 200 844890d308551869 Show response
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5C69 0
550 B 31ms
30ms XHR
text/plain 104.26.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/jsd/r/844890d308551869
Requested by: Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 21:41:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbLkHPstMX6KWeCFWRAn106IPzV8X5LKhhFboiG%2FVMnZeRgwqepJmcOSV1fPANxQZyfr3F0iY3TCaKWe%2BE8DNDEe1ZuG6fx1XJLmWRZ1Rccz3hLSqqzzxqFuPus9C%2FB3RCFBwj1%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 844890d72bb76a53-EWR
alt-svc: h3=":443"; ma=86400

POST
H3 200 844890d308551869 Show response
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5C69 0
548 B 19ms
18ms XHR
text/plain 104.26.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/jsd/r/844890d308551869
Requested by: Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 21:41:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVGEaHxTCnb65Y9ujwHAMJV711Ye9QMDF2cRk5%2F5FuzLrLWMup%2F5J5rza9OctRYzWOoj8uYuacEaSpAfTu2y49PbvC9AqME8Kd5FxXdFCOJP130EMw%2ByzALfLeByP5H85pVErXlU"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 844890d82cab6a53-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 9ACB 565 B
625 B 64ms
56ms Document
text/html 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.do04.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.6e24c317.1705095709.3100fc05
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 21:41:49 GMT
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8195412595149607

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 26ms
14ms Ping
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N79FZ7TNJB&gtm=45je41a0v9174478216&_p=1705095708383&gcd=11l1l1l1l1&dma=0&cid=2072873798.1705095709&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705095708&sct=1&seg=0&dl=https%3A%2F%2Fwww.do04.work%2F&dt=Do%20Zero%20For%20Work&en=scroll&epn.percent_scrolled=90&_et=13&tfd=5656
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N79FZ7TNJB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.do04.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 21:41:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.do04.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.do04.work/	1970-01-21 03:14:15	Name: _ga Value: GA1.1.2072873798.1705095709
.do04.work/	1970-01-21 03:14:15	Name: _ga_N79FZ7TNJB Value: GS1.1.1705095708.1.0.1705095708.0.0.0
.pinterest.com/	1970-01-21 02:23:51	Name: ar_debug Value: 1
.do04.work/	1970-01-21 02:23:51	Name: _pin_unauth Value: dWlkPU0ySmpNRGt4WmpVdE16QmlNaTAwTjJNNUxXSmpOalF0WWpZek5UZ3pNakV6TkdOaw
.netvisiteurs.com/	1970-01-21 02:23:51	Name: cf_clearance Value: .GON73qgp2aS6P6X3BxAuPxGAwvPiFj_y2ewkc0ZNO4-1705095709-0-2-b72cd840.6d65a243.4c52ab49-0.2.1705095709
soocaips.com/	1970-01-21 02:23:51	Name: OAID Value: c5e581e7265f45ab9ec38b050cf9e647
soocaips.com/	1970-01-21 02:23:51	Name: oaidts Value: 1705095710
ak.deephicy.net/	1970-01-21 02:23:51	Name: OAID Value: a066c9f1967346888351e695ac9785ff
ak.deephicy.net/	1970-01-21 02:23:51	Name: oaidts Value: 1705095710
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=qos1p5iaydis&acs_rt=feebb0ddc37f453ab900cc0cd34db7cd
.aliexpress.com/	1970-01-21 03:14:15	Name: aeu_cid Value: 1ecbe98a77ac45fe8771e0c7285db7e3-1705095710786-07219-_DmK3J1f
.aliexpress.com/	1970-01-20 19:47:51	Name: xman_t Value: cNMckJob8kVmTi7HtsHvx1vZKjszdHk6hisJsKVsmKZLx2aR7/Dj6P5fnaQ8Pe+f
.aliexpress.com/	1970-01-21 03:14:15	Name: xman_f Value: jlpwTuEYT2OF3VTCDSAiO+9KXy5ycG5LsinsAlt6vjZrVBcbSwp1DbCRV3j3fmLsQng/C2QAg9U1vNYbR+qs8Z9l51pXwPvqmuE9SwPYga3w7tHtef5zHA==
.aliexpress.com/	1970-01-21 03:14:15	Name: af_ss_a Value: 1
my.rtmark.net/	1970-01-21 02:23:51	Name: ID Value: a066c9f1967346888351e695ac9785ff
.aliexpress.com/	1970-01-21 03:14:15	Name: xman_us_f Value: x_locale=de_DE&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%221ecbe98a77ac45fe8771e0c7285db7e3-1705095710786-07219-_DmK3J1f%22%2C%22af%22%3A%227174760%22%2C%22affiliateKey%22%3A%22_DmK3J1f%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224592921662%22%2C%22tagtime%22%3A1705095710786%7D&acs_rt=feebb0ddc37f453ab900cc0cd34db7cd
.aliexpress.com/	1970-01-21 03:14:15	Name: aep_usuc_f Value: site=deu&c_tp=EUR&region=DE&b_locale=de_DE
.doubleclick.net/	1970-01-20 17:38:16	Name: test_cookie Value: CheckForPermission
.yandex.ru/	1970-01-21 03:14:15	Name: i Value: RpzFaK+RUYSQxJqnNxUdWeBeM5OoVEBSUfCMSZPAetDk2qt+eU0r5CAIhbMceRMwrqGYr9sh5ZL5loaIsB0F/d/jgcA=
.yandex.ru/	1970-01-21 03:14:15	Name: yandexuid Value: 3288747821705095712
.yandex.ru/	1970-01-21 02:23:51	Name: yashr Value: 1328199931705095712

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.do04.work/script.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.do04.work/ Message: Refused to execute script from 'https://www.do04.work/script.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://www.do04.work/none Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687 Message: Mixed Content: The page at 'https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687' was loaded over HTTPS, but requested an insecure element 'http://heapsgoodtraffic.com/img/banners/heaps-good-traffic-hgt-300x250n.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687(Line 1) Message: Mixed Content: The page at 'https://sharemyads.com/view/300/fv.php?size=4&ison=1&user=732&vt=0&dref=https://www.do04.work/&scrw=1600&scrh=1200&timestamp=1705095708687' was loaded over HTTPS, but requested an insecure element 'http://heapsgoodtraffic.com/img/banners/heaps-good-traffic-hgt-300x250n.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acceptable.a-ads.com
blogger.googleusercontent.com
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
heapsgoodtraffic.com
i.ibb.co
images.weserv.nl
resources.blogblog.com
s.pinimg.com
sharemyads.com
static.a-ads.com
static.cloudflareinsights.com
www.blogger.com
www.do04.work
www.google-analytics.com
www.googletagmanager.com
www.netvisiteurs.com
www.publish0x.com
zerads.com
104.16.57.101
104.21.234.186
104.243.38.177
104.26.11.47
104.26.6.214
142.250.176.202
142.250.64.65
142.250.65.195
142.250.65.243
142.250.72.105
142.250.80.40
142.251.40.206
144.76.38.164
162.0.208.108
170.249.194.154
199.232.36.84
23.56.163.9
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
28c9f51362fde1804076a04d1a13be3d3f62e0212d3ee04c562d47317f282cad
2bca183212b967c80fb883600b52af9433ac7f037695d259acf75565dbdce370
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
4f01951293a11116b89b6e19f70cb9b72b2e3a68b2005c75d1d9b8e7b85eb35a
56d2b2d8cbe5ff5040adaf0bb708aa7e617c931b644e53d28de08b9121f8a560
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
646e570fa9104f5bb26f9ce1f144f170340a931818a0fe7721408a64f834b53b
69d4a225a47b8255158a2472f3a2668b19d8e75abd4e425125f6991fa8b00bed
69ea0c339ef3b3bdadeef86e91cb8dded557f3b4e0d8b1e6d79639b221077503
6bac0fa84726cb25e7658ae07c85529fc68bba9bd48f90157fde3131b3834adc
7973b83ee7354104b42886f6f6a9191f07acdd209bffd87d72e8b9a783c02e31
83d941f34d9260466e09c843ed9673af4f9d21d494dd8a2e8288f990152788e2
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
90d264e56c08b36849f80f2df5faa908fdecb8a1e862136fccc1874f1e8f6244
9fba97eb8920d6a89bf0576db418a9369a56a94b5d55e8add37d92ad5c9f6c3e
a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31
a69fcf79579b99ba70fdb40770714d90a85402d80eb414f1a3923c6a1dec9f77
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d4ecca7777aef60bf2ab540e42ca9e77d89568572fc9bb7b1e08ba9dd885724c
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444ff56622801e19d42182557e2e01bb91d342065976e80cab058a3e08d7eea
e70643a722842e572ee20875a08232abb9054fccbe4dac82fe4c3437e3db24f6
e71177549e3b87df4ad4ec2012156e4837f7bfe4d1c2607480136702a0b02086
ee991847f3b45fa022ba135496088d51010f35c47fc49da7abdee95679326682
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb3d580feb8309c93e3f3abc3ce1c8d1bf69b726cda291c85f7bce7016bc7d5b

www.do04.work Open in urlscan Pro 142.250.65.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

0 %IPv6

19 Domains

20 Subdomains

17 IPs

3 Countries

1283 kBTransfer

1815 kBSize

21 Cookies

24 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.do04.work Open in urlscan Pro
142.250.65.243 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

0 %
IPv6

19
Domains

20
Subdomains

17
IPs

3
Countries

1283 kB
Transfer

1815 kB
Size

21
Cookies

40 HTTP transactions
0 data transactions