foreverquote.xyz Open in urlscan Pro
172.67.131.148  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

• https://pixel.onaudience.com/?partner=137085098&mapped=10401734604833676B54DE45DBF9C2B4 HTTP 302
• https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
• https://tags.bluekai.com/site/33141?&id=f182ea8b2fd78724

Request Chain 41

• https://pixel.onaudience.com/?partner=137085098&mapped=1040173460483396DA0F031CB372D2F1 HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0

Request Chain 48

• https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.1&cat=33across HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.1&cat=33across HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVFRFZrTkxBcmJJVlViVEhkTWtCaG1JaVVWSUtnWmFIdVFfcTRQWDhJdWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlVFRFZrTkxBcmJJVlViVEhkTWtCaG1JaVVWSUtnWmFIdVFfcTRQWDhJdWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEARHR41vAjv4tDx2-QmDFv0&google_cver=1

Request Chain 49

• https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.2&cat=33across HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.2&cat=33across HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVJUks0MnEzbDBRWEFqakRvNURHZ2JocU50emVyQ3VRNnVRbVFOVGN2MDQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlVJUks0MnEzbDBRWEFqakRvNURHZ2JocU50emVyQ3VRNnVRbVFOVGN2MDQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMH59KVo54wwDo-r295JxcM&google_cver=1

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request dec38.php Show response foreverquote.xyz/dec/	34 KB 15 KB	1259ms 1145ms	Document text/html	172.67.131.148 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foreverquote.xyz/dec/dec38.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.131.148 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdc88058f6c5e6ecbe118b69073e879f0d8c5dae49c30e80c0222889f2bfe92e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f46c65debb68643-PER content-encoding zstd content-type text/html; charset=UTF-8 date Thu, 19 Dec 2024 10:40:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KqO1BfR07VsFZNWra108d0qCsTQt4Zj%2BjqJJ8c9TQOsNvfMIvxvuV4bsPCbmvwNlY%2FMVrQ7ayerngKieIv%2BADVyKcCRbvYTGSQN1c%2FhfaciZ%2F4GxN9fjByupzovh4dWySatT"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=49059&min_rtt=47866&rtt_var=8648&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4178&recv_bytes=4496&delivery_rate=369&cwnd=12000&unsent_bytes=0&cid=f0bdf95663f9795e&ts=1149&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	aclib.js Show response acscdn.com/script/	131 KB 44 KB	221ms 65ms	Script text/javascript	172.67.165.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acscdn.com/script/aclib.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/dec/dec38.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f435488d45b53058e71d6f4078fbc241c922e8adc35d521593da67830fbb005 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-goog-metageneration 2 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=u3ryWg==, md5=1PuVBTh3me3kNVH28DnSPg== cf-cache-status HIT etag W/"d4fb9505387799ede43551f6f039d23e" age 2060 content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZtB4mEvOMKmEfuO%2FVkut06hPgpAkpo7t4dTzYNIkz4KNCvvTYHpSbtVEDLyoeKPx%2Bgr8eKrB3e5syYay6tszVIfVkfQhWNyw7FQuAPGn%2FbTjvragK6vXWKF6O7u"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Thu, 19 Dec 2024 10:21:14 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 134520 server-timing cfL4;desc="?proto=QUIC&rtt=51886&min_rtt=51841&rtt_var=19472&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4308&delivery_rate=63112&cwnd=12000&unsent_bytes=0&cid=ab49032768a32082&ts=164&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:31 GMT content-type text/javascript last-modified Tue, 03 Dec 2024 14:39:11 GMT vary Accept-Encoding priority u=1,i=?0 x-guploader-uploadid AFiumC6r2pcDI9WBBTTlcZcGW8cBle51yEtVCLiTXXP6-J9A5-yfPwumMpUkT8YMZkVKtej1XIuw5N4 cache-control public, max-age=3600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8f46c6665dfa87b8-PER access-control-allow-origin * x-goog-generation 1733236751689553 server cloudflare
GET H3	200	ut.js Show response acscdn.com/script/	65 KB 25 KB	61ms 60ms	Script text/javascript	172.67.165.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acscdn.com/script/ut.js?cb=1734604831900 Requested by Host: acscdn.com URL: https://acscdn.com/script/aclib.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-goog-metageneration 2 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA== cf-cache-status HIT etag W/"4afa2ac99f97331dc98263d49022a958" age 2275 content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Awf87yNRNp%2FICg5lzidlxdrbOvnsJr54Asbq0U4BOVo7wzeUIgVFswTtMYgPT5qbybV3W978j6j3%2Bjah8aydPZ06zinqnnFJrpBdooOUZzcF0Zyzagv4WGJ%2FpDm"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Thu, 19 Dec 2024 10:39:28 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 66473 server-timing cfL4;desc="?proto=QUIC&rtt=54302&min_rtt=47239&rtt_var=8322&sent=53&recv=32&lost=0&retrans=0&sent_bytes=50105&recv_bytes=5581&delivery_rate=210889&cwnd=27300&unsent_bytes=0&cid=ab49032768a32082&ts=344&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:31 GMT content-type text/javascript last-modified Mon, 02 Dec 2024 08:21:47 GMT vary Accept-Encoding priority u=3,i=?0 x-guploader-uploadid AFiumC4Ht88LPMpJIuPi04_LxbsQdsyN2K5LpZrUetnGQI3DeA1NYNN7ltTitXOpEAx_N4tYQo2Khkk cache-control public, max-age=3600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8f46c6678f0c87b8-PER access-control-allow-origin * x-goog-generation 1733127707295818 server cloudflare
GET H3	200	suv5.js Show response acscdn.com/script/	94 KB 34 KB	61ms 60ms	Script text/javascript	172.67.165.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acscdn.com/script/suv5.js Requested by Host: acscdn.com URL: https://acscdn.com/script/aclib.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a4d2783b78bdf662e363de22187f5a5a8a8eb9c77cac7b159bf7ba9adec15e7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-goog-metageneration 2 x-goog-hash crc32c=Qldx6Q==, md5=XQ7dYpjD2B1FC1uKXb9dSg== cf-cache-status HIT etag W/"5d0edd6298c3d81d450b5b8a5dbf5d4a" age 2236 content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxqKkwcB0Flyd%2BUr9poHhduxY6%2FnXoY8lXXbKQFwXd20Jom0clkMMgd7bmihEgAwOIvDqTFDRt2HXUq55z3wzf6d%2BlfT%2B47rrZDmDpbBiX5icD3XSWUk1Mo4e%2FN9"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Thu, 19 Dec 2024 11:02:00 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 96192 server-timing cfL4;desc="?proto=QUIC&rtt=54302&min_rtt=47239&rtt_var=8322&sent=76&recv=33&lost=0&retrans=0&sent_bytes=76145&recv_bytes=5843&delivery_rate=210889&cwnd=27300&unsent_bytes=0&cid=ab49032768a32082&ts=367&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:31 GMT content-type text/javascript last-modified Tue, 03 Dec 2024 14:46:43 GMT vary Accept-Encoding priority u=3,i=?0 x-guploader-uploadid AFiumC4UekPI5K8lVJKC38_7Z14G2xPnQBKFw6bAkBvCuURzxa4QX_C_NxEdoG5Nv2TA6hL45rErz9Y cache-control public, max-age=3600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8f46c667af3587b8-PER access-control-allow-origin * x-goog-generation 1733237203493345 server cloudflare
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	185ms 72ms	Script text/javascript	2606:4700:10::6814:345 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/dec/dec38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:345 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 3389 cf-ray 8f46c6685d4a8acd-PER accept-ranges bytes content-length 4547 date Thu, 19 Dec 2024 10:40:32 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H3	200	38.php Show response foreverquote.xyz/wp1/ Frame C86B	8 KB 3 KB	337ms 336ms	Document text/html	172.67.131.148 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foreverquote.xyz/wp1/38.php Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/dec/dec38.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.131.148 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19608f86b9d614eeba0b5813a822fc05878e602bfa2e16fe64a178de265a5cab Request headers Referer https://foreverquote.xyz/dec/dec38.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f46c6686f338643-PER content-encoding zstd content-type text/html; charset=UTF-8 date Thu, 19 Dec 2024 10:40:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3CSECv9f1qxED6Sa2O8tavB%2Fv%2FvBvTWqTpkHP%2F1T9IAvYnIkcnbbmOzmZnDJXP9jI1IPqC1xeXi4W%2FPz2xHWrgFBzkkUI5BR5zxf7Ofb0cd4wuBGGEJPI%2FOqZRRZol7mRJl"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=49575&min_rtt=47295&rtt_var=2963&sent=26&recv=18&lost=0&retrans=0&sent_bytes=19698&recv_bytes=5209&delivery_rate=73918&cwnd=24000&unsent_bytes=0&cid=f0bdf95663f9795e&ts=2019&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	suurl5.php Show response youradexchange.com/script/	873 B 1 KB	484ms 341ms	Fetch application/json	172.67.177.214 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youradexchange.com/script/suurl5.php?r=9055278&chmob=%3F0&cbur=0.4852253770103996&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200-480en-AU81624%20bits&ts=1734604832064&srs=b216b457dcf4134f12a881a9d8626f7d&atv=57.0 Requested by Host: acscdn.com URL: https://acscdn.com/script/suv5.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 754d61fda9ed96b40d464eb82388c3a065b33091ca2a5c381fcbf7a92f132dd9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWFOSSWukne6daopJVR84NmHr6njWn%2B7oGSJHYWGDsrBJ85lDs9septa2cuHfPiFavgml9YfnyvuGUat0AOe3vyNm%2FSfIQ6eM%2B%2FJdrQl0xd7QmhT5CrZ47bWE8Vv4Sf5WwefZ3I%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=48490&min_rtt=47188&rtt_var=9092&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4207&recv_bytes=5269&delivery_rate=381&cwnd=12000&unsent_bytes=0&cid=c0ca7b39a0cf79ee&ts=346&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:32 GMT content-type application/json; charset=utf-8 vary accept-encoding priority u=1,i access-control-allow-headers Content-Type nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 google cf-ray 8f46c6697b8a8653-PER access-control-allow-origin * server cloudflare
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	381 B 516 B	897ms 297ms	Script text/html	149.56.240.128 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4826273&@f16&@g1&@h1&@i1&@j1734604832111&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-AU&@u1600&@b1:-152170706&@b3:1734604832&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.128 Montreal, Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns534296.ip-149-56-240.net Software / Resource Hash 88137d1928977727e8df9ceb495e8134c405eec56407161a250e4bb9db611080 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Content-Length 381 Date Thu, 19 Dec 2024 10:40:32 GMT Content-Type text/html;charset=UTF-8 Connection close
POST H3	204	hb.php pubtrky.com/ut/	0 645 B	373ms 309ms	Ping text/plain	172.67.188.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pubtrky.com/ut/hb.php?cb=0.21494903983291014&v=1 Requested by Host: acscdn.com URL: https://acscdn.com/script/ut.js?cb=1734604831900 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.188.110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain; charset=utf-8 Referer https://foreverquote.xyz/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pb0QSb6vNZ8l3ZOiB%2B1%2B41P1Kl1OQCuRlG7EuRuk5uWZJPR0r7%2FsqiEinhyJF2h0FLdQ5B%2BKmp9p%2B0U4ASqPN%2BYQe8DdJEpqvMkeTryb9ZOjY765zNLPevGAMpkdnw%3D%3D"}],"group":"cf-nel","max_age":604800} via 1.1 google cf-ray 8f46c66988888643-PER access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=47399&min_rtt=47080&rtt_var=7752&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4175&recv_bytes=5353&delivery_rate=382&cwnd=12000&unsent_bytes=0&cid=129ac8075ef2f144&ts=317&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:32 GMT server cloudflare priority u=4,i
GET H3	200	aclib.js Show response acscdn.com/script/ Frame C86B	131 KB 0	221ms 65ms	Script text/javascript	172.67.165.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acscdn.com/script/aclib.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/wp1/38.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f435488d45b53058e71d6f4078fbc241c922e8adc35d521593da67830fbb005 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-goog-metageneration 2 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=u3ryWg==, md5=1PuVBTh3me3kNVH28DnSPg== cf-cache-status HIT etag W/"d4fb9505387799ede43551f6f039d23e" age 2060 content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZtB4mEvOMKmEfuO%2FVkut06hPgpAkpo7t4dTzYNIkz4KNCvvTYHpSbtVEDLyoeKPx%2Bgr8eKrB3e5syYay6tszVIfVkfQhWNyw7FQuAPGn%2FbTjvragK6vXWKF6O7u"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Thu, 19 Dec 2024 10:21:14 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 134520 server-timing cfL4;desc="?proto=QUIC&rtt=51886&min_rtt=51841&rtt_var=19472&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4308&delivery_rate=63112&cwnd=12000&unsent_bytes=0&cid=ab49032768a32082&ts=164&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:31 GMT content-type text/javascript last-modified Tue, 03 Dec 2024 14:39:11 GMT vary Accept-Encoding priority u=1,i=?0 x-guploader-uploadid AFiumC6r2pcDI9WBBTTlcZcGW8cBle51yEtVCLiTXXP6-J9A5-yfPwumMpUkT8YMZkVKtej1XIuw5N4 cache-control public, max-age=3600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8f46c6665dfa87b8-PER access-control-allow-origin * x-goog-generation 1733236751689553 server cloudflare
GET H2	200	clappr.min.js Show response cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/ Frame C86B	616 KB 159 KB	208ms 105ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/clappr.min.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/wp1/38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f0243f6e2395c077f4ae46ae4b1d969090d64106387b45cb39a28bbdb07e6752 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"9a048-VUE4kN104YCisqBJlMQIdr2LF2k" age 31129 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Thu, 19 Dec 2024 10:40:32 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230058-FRA, cache-per12623-PER vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 162561 x-jsd-version 0.8.0
GET H2	200	p2p-engine.min.js Show response cdn.jsdelivr.net/npm/@swarmcloud/hls/ Frame C86B	191 KB 55 KB	153ms 51ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/wp1/38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 786f269ed18afe713331b4a9dbaa727fb89324862e6be2ca5f4009602e0035f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"2fdd2-Bd+xgciUAmpgqRrFA/2WZAC5xVU" age 30162 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Thu, 19 Dec 2024 10:40:32 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230149-FRA, cache-per12623-PER vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 56177 x-jsd-version 2.12.15
GET H2	200	level-selector.min.js Show response cdn.jsdelivr.net/clappr.level-selector/latest/ Frame C86B	9 KB 3 KB	207ms 104ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/wp1/38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw" age 731308 x-content-type-options nosniff alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Thu, 19 Dec 2024 10:40:32 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230115-FRA, cache-per12623-PER vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 3219
GET H3	200	ut.js Show response acscdn.com/script/ Frame C86B	65 KB 25 KB	59ms 58ms	Script text/javascript	172.67.165.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acscdn.com/script/ut.js?cb=1734604832406 Requested by Host: acscdn.com URL: https://acscdn.com/script/aclib.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-goog-metageneration 2 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA== cf-cache-status HIT etag W/"4afa2ac99f97331dc98263d49022a958" age 2276 content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SW2Uton8TH5rZrB9mcmUhGzJsoFMf%2BLI1adT%2Fge6obJhpBR3kCR%2BECOYjiWFW%2Fyv%2BzNlOUhbNxCxCM8t9C%2FQJXBo6kl9d9CjyyVtIvZJrcBDXr%2Bgzg3KraXXDgwQ"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Thu, 19 Dec 2024 10:39:28 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 66473 server-timing cfL4;desc="?proto=QUIC&rtt=49160&min_rtt=47239&rtt_var=2208&sent=109&recv=61&lost=0&retrans=0&sent_bytes=111472&recv_bytes=7301&delivery_rate=596017&cwnd=53700&unsent_bytes=0&cid=ab49032768a32082&ts=848&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:32 GMT content-type text/javascript last-modified Mon, 02 Dec 2024 08:21:47 GMT vary Accept-Encoding priority u=3,i=?0 x-guploader-uploadid AFiumC4Ht88LPMpJIuPi04_LxbsQdsyN2K5LpZrUetnGQI3DeA1NYNN7ltTitXOpEAx_N4tYQo2Khkk cache-control public, max-age=3600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8f46c66aba2687b8-PER access-control-allow-origin * x-goog-generation 1733127707295818 server cloudflare
GET H3	200	suv5.js Show response acscdn.com/script/ Frame C86B	94 KB 0	61ms 60ms	Script text/javascript	172.67.165.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acscdn.com/script/suv5.js Requested by Host: acscdn.com URL: https://acscdn.com/script/aclib.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a4d2783b78bdf662e363de22187f5a5a8a8eb9c77cac7b159bf7ba9adec15e7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-goog-metageneration 2 x-goog-hash crc32c=Qldx6Q==, md5=XQ7dYpjD2B1FC1uKXb9dSg== cf-cache-status HIT etag W/"5d0edd6298c3d81d450b5b8a5dbf5d4a" age 2236 content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxqKkwcB0Flyd%2BUr9poHhduxY6%2FnXoY8lXXbKQFwXd20Jom0clkMMgd7bmihEgAwOIvDqTFDRt2HXUq55z3wzf6d%2BlfT%2B47rrZDmDpbBiX5icD3XSWUk1Mo4e%2FN9"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Thu, 19 Dec 2024 11:02:00 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 96192 server-timing cfL4;desc="?proto=QUIC&rtt=54302&min_rtt=47239&rtt_var=8322&sent=76&recv=33&lost=0&retrans=0&sent_bytes=76145&recv_bytes=5843&delivery_rate=210889&cwnd=27300&unsent_bytes=0&cid=ab49032768a32082&ts=367&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:31 GMT content-type text/javascript last-modified Tue, 03 Dec 2024 14:46:43 GMT vary Accept-Encoding priority u=3,i=?0 x-guploader-uploadid AFiumC4UekPI5K8lVJKC38_7Z14G2xPnQBKFw6bAkBvCuURzxa4QX_C_NxEdoG5Nv2TA6hL45rErz9Y cache-control public, max-age=3600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8f46c667af3587b8-PER access-control-allow-origin * x-goog-generation 1733237203493345 server cloudflare
GET H2	200	js15_as.js Show response s10.histats.com/ Frame C86B	11 KB 0	185ms 72ms	Script text/javascript	2606:4700:10::6814:345 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/wp1/38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:345 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 3389 cf-ray 8f46c6685d4a8acd-PER accept-ranges bytes content-length 4547 date Thu, 19 Dec 2024 10:40:32 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H3	200	suurl5.php Show response youradexchange.com/script/ Frame C86B	873 B 1 KB	347ms 346ms	Fetch application/json	172.67.177.214 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youradexchange.com/script/suurl5.php?r=9055278&chmob=%3F0&cbur=0.695050169934893&cbiframe=1&cbWidth=1584&cbHeight=1184&cbtitle=&cbpage=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200-480en-AU81624%20bits&ts=1734604832444&srs=8b370d2bcfe5784252188a30e746dd7f&atv=57.0 Requested by Host: acscdn.com URL: https://acscdn.com/script/suv5.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdbc89fc423ae04c6e64bbba8538fda15965b399ef8fa46cafaf49abe0bf5f1b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gG8k2ZU4BQnAtP5VOCLCSkp%2FLSevIMqjldyJwsxsRt41hl5w0gWYg4seAawWtAeR430YOyFcK%2Fvf%2FxX7PHfWWufJo3WMHHDMWI9D2YsctGWaV%2F%2BdvG5LaMhb%2BA76g5xw7KeE%2F%2FM%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=48354&min_rtt=47188&rtt_var=7091&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5679&recv_bytes=5312&delivery_rate=14466&cwnd=12000&unsent_bytes=0&cid=c0ca7b39a0cf79ee&ts=584&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:32 GMT content-type application/json; charset=utf-8 vary accept-encoding priority u=1,i access-control-allow-headers Content-Type nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 google cf-ray 8f46c66aece98653-PER access-control-allow-origin * server cloudflare
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/ Frame C86B	381 B 516 B	856ms 311ms	Script text/html	149.56.240.128 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?3451427&@f16&@g1&@h1&@i1&@j1734604832444&@k0&@l1&@m&@n0&@ohttps%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&@q0&@r0&@s0&@ten-AU&@u1600&@b1:-197505161&@b3:1734604832&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.128 Montreal, Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns534296.ip-149-56-240.net Software / Resource Hash 20c7a0a15bda6b07c8f583c5c0ea0f6f16dd267ca91a33c4dc90b76db4369651 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Content-Length 381 Date Thu, 19 Dec 2024 10:40:33 GMT Content-Type text/html;charset=UTF-8 Connection close
POST H3	204	hb.php pubtrky.com/ut/ Frame C86B	0 610 B	296ms 295ms	Ping text/plain	172.67.188.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pubtrky.com/ut/hb.php?cb=0.4405506670867054&v=1 Requested by Host: acscdn.com URL: https://acscdn.com/script/ut.js?cb=1734604832406 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.188.110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain; charset=utf-8 Referer https://foreverquote.xyz/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hqvoJoLdwD0vWTrMlCcKDDiUlHgD2LwrgHiLXKWv7FnqKU83uMdroswa99FU7LC%2FWefQCVyVBXL%2FLb%2F3qhODW%2FXNsxLJ3DESGGrwUOLyQY8d%2FkQFxwzwaiV3Td6wQ%3D%3D"}],"group":"cf-nel","max_age":604800} via 1.1 google cf-ray 8f46c66d0c788643-PER access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=47386&min_rtt=47080&rtt_var=5840&sent=15&recv=14&lost=0&retrans=0&sent_bytes=4866&recv_bytes=6692&delivery_rate=9240&cwnd=12000&unsent_bytes=0&cid=129ac8075ef2f144&ts=861&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:33 GMT server cloudflare priority u=4,i
GET H2	200	/ Show response e.dtscout.com/e/	7 KB 4 KB	686ms 582ms	Script application/javascript	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?4826273&@f16&@g1&@h1&@i1&@j1734604832111&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-AU&@u1600&@b1:-152170706&@b3:1734604832&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&@w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bee002ea773d18ad1032c1c5fa31bd017b6090155071cf94299016e0a3849fc8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control no-cache nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e17cDZ%2F0AChV51O3506ma0mD5OInUz3UiZpVqkMgJx1nvpe7fthj5dJviTaVSv5u0amHfWZN%2FopVgzlm3blk1Nidz28Rdw%2B9FqUW4lceEnsSgvdlSYw5Yajw3sATU20DGcD3d%2Fa4k3w41Bs%3D"}],"group":"cf-nel","max_age":604800} x-t 0.864 cf-ray 8f46c66f2d988652-PER expires Thu, 19 Dec 2024 10:40:32 GMT server-timing cfL4;desc="?proto=TCP&rtt=47123&min_rtt=47034&rtt_var=7553&sent=9&recv=12&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2449&delivery_rate=85516&cwnd=253&unsent_bytes=0&cid=d462c08680c86aa5&ts=590&x=0" date Thu, 19 Dec 2024 10:40:33 GMT content-type application/javascript x-s mtl2 server cloudflare
GET H3	200	hlsch38.m3u8 Show response hutg54.site/chunklist/ Frame C86B	4 KB 1 KB	663ms 586ms	XHR application/vnd.apple.mpegurl	172.67.130.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hutg54.site/chunklist/hlsch38.m3u8?wmsAuthSign=c2VydmVyX3RpbWU9MTIvMTkvMjAyNCAxMCA6NDAgOjMyICBBTSZoYXNoX3ZhbHVlPU1YK2JpTGpvMUlKOFQ4MGJiQ3hEOHc9PSZ2YWxpZG1pbnV0ZXM9NzIwJmlkPTEwMy4xMDguMjMxLjEwMCZzdHJtX2xlbj01 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/clappr.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.130.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd0cbcd7674abc8c956656f528d916cc4b30114ba47639492cc3b584a0a24d02 Security Headers Name Value Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers content-encoding zstd cf-cache-status DYNAMIC etag W/"6763f821-ee3" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpXrQtu8XuBy0moD35RTImOUg3%2FoQhqCp%2FN%2Fl%2FzI7exS6YcdBofmwFuXyTbWMOVpRT2UCDngnYIp%2BegwQFJ4Ii05QPmL%2BmwoocliKaRDYEFRZmrdkdRHBlDpvAG5%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=47543&min_rtt=47454&rtt_var=7610&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4565&delivery_rate=384&cwnd=12000&unsent_bytes=0&cid=439be57a1bb2eb83&ts=602&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:33 GMT content-type application/vnd.apple.mpegurl last-modified Thu, 19 Dec 2024 10:40:33 GMT priority u=1,i access-control-allow-headers X-requested-With, Accept, Content-Type, Origin strict-transport-security max-age=31536000; includeSubdomains; preload content-security-policy default-src 'self' http: https: data: blob: 'unsafe-inline' cache-control max-age=2, no-store, must-revalidate, proxy-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin cf-ray 8f46c66f4dec8677-PER access-control-allow-origin * x-xss-protection 1; mode=block server cloudflare
GET H2	200	/ Show response e.dtscout.com/e/ Frame C86B	7 KB 3 KB	580ms 580ms	Script application/javascript	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&j=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?3451427&@f16&@g1&@h1&@i1&@j1734604832444&@k0&@l1&@m&@n0&@ohttps%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&@q0&@r0&@s0&@ten-AU&@u1600&@b1:-197505161&@b3:1734604832&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&@w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7859ef59f060e9b3a30a93584cae9ae0eae3a2ae320c6fc55d093fb07b057336 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control no-cache nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QF9pluMAuWIScRA%2F5mqvEILljW40Jr6Jiqzd6p97K7x7sdMPRr%2FR2R2GKkSwDuadACeWbTu8yZyDF0TRQ6Om8MWO8J5Hc38GDPZLcKPYAhOLkZFkLAFGPChIZ7Ja3IDscgAlVUn6Xfqw%2Bbg%3D"}],"group":"cf-nel","max_age":604800} x-t 0.555 cf-ray 8f46c6704ea78652-PER expires Thu, 19 Dec 2024 10:40:32 GMT server-timing cfL4;desc="?proto=TCP&rtt=47134&min_rtt=47032&rtt_var=4301&sent=16&recv=15&lost=0&retrans=0&sent_bytes=7923&recv_bytes=2638&delivery_rate=171000&cwnd=255&unsent_bytes=0&cid=d462c08680c86aa5&ts=770&x=0" date Thu, 19 Dec 2024 10:40:33 GMT content-type application/javascript x-s mtl2 server cloudflare
GET H2	200	/ t.dtscout.com/idg/ Frame 32A5	0 0	693ms 583ms	Document text/html	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=10401734604833676B54DE45DBF9C2B4 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://foreverquote.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-cache cf-cache-status DYNAMIC cf-ray 8f46c6739fb1866a-PER content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Dec 2024 10:40:34 GMT expires Thu, 19 Dec 2024 10:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P66GIMuAOgZv%2BR4qL3hzTVmJkDXU2QMB%2FAn924DiN4WCztndo72NzFDlmue8znknoz5tuYpnZQ4oAJ7EtJr8NQOPGjh2WM7%2B2m5SjWi0gQskjCm6uQMQrYs3oqhy5sd12nOZQYLhJFT1V7M%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=47348&min_rtt=47054&rtt_var=8017&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4016&recv_bytes=2581&delivery_rate=85830&cwnd=254&unsent_bytes=0&cid=aa660c63f9caf79a&ts=600&x=0" vary accept-encoding
GET H/1.1	200 OK	dtscout Show response pd.sharethis.com/pd/	2 KB 3 KB	1006ms 252ms	Script application/javascript	50.18.203.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/dtscout Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.18.203.164 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-50-18-203-164.us-west-1.compute.amazonaws.com Software / Resource Hash fda136aaea02ecf087281f62c26d738db0b7060f61bdcf71f07fe5a901556180 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; X-Robots-Tag noindex, nofollow Content-Length 2444 Date Thu, 19 Dec 2024 10:40:34 GMT Content-Type application/javascript Connection keep-alive
GET H2	200	afwu.js Show response cdn.tynt.com/	19 KB 6 KB	181ms 60ms	Script application/javascript	104.18.12.146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/afwu.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.146 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control public, max-age=259200 content-encoding gzip cf-cache-status HIT etag W/"651ed192-4c00" age 219239 cf-ray 8f46c6739999865f-PER expires Sun, 22 Dec 2024 10:40:33 GMT date Thu, 19 Dec 2024 10:40:33 GMT content-type application/javascript last-modified Thu, 05 Oct 2023 15:09:06 GMT vary Accept-Encoding server cloudflare
GET H3	200	dtsa.js Show response p.dtsan.net/	9 KB 4 KB	118ms 62ms	Script application/javascript	172.67.167.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p.dtsan.net/dtsa.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.167.79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers content-encoding zstd cf-cache-status HIT etag W/"670f478e-25f4" age 5336 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOkM9INfsJ0TIPAwt%2Fs8ezo9%2FdEmIUe736ZhNfmj0clTdVw4QXLWdLST5kOYNz8%2FHH31aktYAGnq3Rw4jxkgF0NBPrNHHGN9ZNrLw4cmHhF2BjNUYOHj6TVD6BKR9g%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46959&min_rtt=46901&rtt_var=17629&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4129&recv_bytes=4229&delivery_rate=68419&cwnd=12000&unsent_bytes=0&cid=a153086916e79821&ts=64&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:33 GMT content-type application/javascript last-modified Wed, 16 Oct 2024 04:56:46 GMT vary Accept-Encoding priority u=3,i=?0 cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f46c6733a302d51-PER server cloudflare
GET H2	200	/ Show response t.dtscout.com/pv/	51 B 546 B	588ms 583ms	Script application/javascript	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=foreverquote.xyz&_ss=3mcrgffdmv&_pv=1&_ls=0&_u1=1&_u3=1&_cc=au&_pl=d&_cbid=75ik&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 094b31eaac6c67aa529b69a9d9e37b3bd81bb82bf3c53dd9e5c23129f33e1d61 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-c 0 cache-control no-cache content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzB4EVPHzNmzncNQjNnP7%2BHYT3%2Bu%2FxwDuhNSOYAbz6Ir5eYVDQgKXD0yGi6VB800ausJqBzP2xMVOvNXYyCpOVceywDbeOhA9V5ozag9BT%2BvDEUkL4Y6HS1PGAyWrpykUbXl%2F4i6VGGELK4%3D"}],"group":"cf-nel","max_age":604800} x-t 0.148 cf-ray 8f46c672e8d98652-PER expires Thu, 19 Dec 2024 10:40:33 GMT server-timing cfL4;desc="?proto=TCP&rtt=47068&min_rtt=46772&rtt_var=1926&sent=24&recv=19&lost=0&retrans=0&sent_bytes=11449&recv_bytes=2788&delivery_rate=199809&cwnd=255&unsent_bytes=0&cid=d462c08680c86aa5&ts=1184&x=0" date Thu, 19 Dec 2024 10:40:34 GMT content-type application/javascript server cloudflare
GET		hlsch38_1693_1334.gif kabard2w.site/ Frame C86B	0 0
GET H/1.1	200 OK	json Show response pro.ip-api.com/ Frame C86B	175 B 331 B	297ms 94ms	Fetch application/json	139.99.133.174 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.133.174 Sydney, Australia, ASN16276 (OVH OVH SAS, FR), Reverse DNS vps-3a55735c.vps.ovh.ca Software / Resource Hash 377e73cc9f959d2e711e4033dbf6d45a41f746e5ca374a22c6879af3f825e7ab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Access-Control-Allow-Origin * Content-Length 175 Date Thu, 19 Dec 2024 10:40:34 GMT Content-Type application/json; charset=utf-8
GET H2	200	/ t.dtscout.com/idg/ Frame 1787	0 0	582ms 582ms	Document text/html	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=1040173460483396DA0F031CB372D2F1 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&j=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://foreverquote.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-cache cf-cache-status DYNAMIC cf-ray 8f46c673f80b866a-PER content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Dec 2024 10:40:34 GMT expires Thu, 19 Dec 2024 10:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vv7YlzIcsBC7l%2FMbjkSFF3LS4zvvKTfDGtQF8M%2B9vgNXzJgw%2FuvVbn5Ksps7JpcFpErAC%2BalDbF4tE4K47mfQWtt%2B%2FTUAsqZccdmmNUUYomG44VDobo9Bwe2YLYWKUnjLUBhKYFR0yfiF2Y%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=47428&min_rtt=47054&rtt_var=6173&sent=12&recv=14&lost=0&retrans=0&sent_bytes=5231&recv_bytes=2581&delivery_rate=85830&cwnd=257&unsent_bytes=0&cid=aa660c63f9caf79a&ts=661&x=0" vary accept-encoding
GET H/1.1	200 OK	dtscout Show response pd.sharethis.com/pd/ Frame C86B	2 KB 3 KB	1080ms 251ms	Script application/javascript	50.18.203.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/dtscout Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&j=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.18.203.164 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-50-18-203-164.us-west-1.compute.amazonaws.com Software / Resource Hash 12702de1d5581e57d8e9d96881dd32f3a2517821e62791e91636b55e939f2785 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; X-Robots-Tag noindex, nofollow Content-Length 2444 Date Thu, 19 Dec 2024 10:40:34 GMT Content-Type application/javascript Connection keep-alive
GET H3	200	dtsa.js Show response p.dtsan.net/ Frame C86B	9 KB 0	118ms 62ms	Script application/javascript	172.67.167.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p.dtsan.net/dtsa.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&j=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.167.79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers content-encoding zstd cf-cache-status HIT etag W/"670f478e-25f4" age 5336 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOkM9INfsJ0TIPAwt%2Fs8ezo9%2FdEmIUe736ZhNfmj0clTdVw4QXLWdLST5kOYNz8%2FHH31aktYAGnq3Rw4jxkgF0NBPrNHHGN9ZNrLw4cmHhF2BjNUYOHj6TVD6BKR9g%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46959&min_rtt=46901&rtt_var=17629&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4129&recv_bytes=4229&delivery_rate=68419&cwnd=12000&unsent_bytes=0&cid=a153086916e79821&ts=64&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:33 GMT content-type application/javascript last-modified Wed, 16 Oct 2024 04:56:46 GMT vary Accept-Encoding priority u=3,i=?0 cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f46c6733a302d51-PER server cloudflare
GET H2	200	/ Show response t.dtscout.com/pv/ Frame C86B	51 B 492 B	582ms 582ms	Script application/javascript	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=foreverquote.xyz&_ss=3mcrgffdmv&_pv=2&_ls=0&_cc=au&_pl=d&_cbid=qazj&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&j=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2dc3da52a49205711473e7a499b9405b3c3d303c9af87e259c450e3cc68e9b9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers x-c 0 cache-control no-cache content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9nNZX1Gr0MwUeY8oc3wWdG31HGg6n7kuDhD%2B9aLvWuydt6H5RamO70hbpVjjPNBStpWYRvSjJW5ZdaorIMpzwxp52fJgUpOP6dXe6hB4XK8DOvj%2BOrmW%2Bi%2F8RmTDutuHalqOm83GegixlA%3D"}],"group":"cf-nel","max_age":604800} x-t 0.151 cf-ray 8f46c673f9d98652-PER expires Thu, 19 Dec 2024 10:40:33 GMT server-timing cfL4;desc="?proto=TCP&rtt=52774&min_rtt=46772&rtt_var=12527&sent=27&recv=21&lost=0&retrans=0&sent_bytes=12061&recv_bytes=2788&delivery_rate=199809&cwnd=255&unsent_bytes=0&cid=d462c08680c86aa5&ts=1359&x=0" date Thu, 19 Dec 2024 10:40:34 GMT content-type application/javascript server cloudflare
GET H2	200	p ic.tynt.com/b/	35 B 648 B	848ms 280ms	Image image/gif	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1734604833950&dn=AFWU&iso=0&pu=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&t=foreverquote.xyz&chmob=0 Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/dec/dec38.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/dec/dec38.php Response headers cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" etag "4bc8846c-23" accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile expires "Sat, 26 Jul 1997 05:00:00 GMT" accept-ranges bytes content-length 35 p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" date Thu, 19 Dec 2024 10:40:34 GMT content-type image/gif last-modified Fri, 16 Apr 2010 15:38:20 GMT server nginx/1.16.1
POST H3	200	channel Show response eu.cdnbye.com/v1/ Frame C86B	84 B 756 B	431ms 368ms	Fetch application/json	172.67.146.36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eu.cdnbye.com/v1/channel Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.146.36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0043a51b791aff1352c55be2ab996dbc521629ed952be04c9ad04c458c1ab134 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://foreverquote.xyz/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9zh8lD3EW3%2FRSSC6WCcgrLzn09a9daSsLLlCL0UAvRLF50%2FQUQS%2BvrzeMYb%2BJOVMwHaAOKieqiBXtV2PlwzDqzTeklFoDhRxNyC2ooFKH8e3L0KIVXGOsBO7Lbu7zEE"}],"group":"cf-nel","max_age":604800} cf-ray 8f46c6758c9487b8-PER access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=50581&min_rtt=47368&rtt_var=13756&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4174&recv_bytes=4855&delivery_rate=387&cwnd=12000&unsent_bytes=0&cid=7afecd9be370b4ba&ts=374&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 19 Dec 2024 10:40:34 GMT content-type application/json; charset=utf-8 server cloudflare priority u=1,i
GET H2	200	v2 Show response de.tynt.com/deb/	767 B 1 KB	847ms 278ms	Script application/javascript	67.202.105.34 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/afwu.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.34 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip34.67-202-105.static.steadfastdns.net Software / Resource Hash 407aa20797353e8a204268871d56c9a4adec2a5dfe30fa7f1362b7d128ecbb0d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/dec/dec38.php Response headers expires Sat, 26 Jul 1997 05:00:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false content-length 767 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile date Thu, 19 Dec 2024 10:40:34 GMT content-type application/javascript
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 325 B	846ms 278ms	Script application/javascript	67.202.105.34 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/afwu.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.34 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip34.67-202-105.static.steadfastdns.net Software / Resource Hash d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/dec/dec38.php Response headers expires Thu, 19 Dec 2024 10:55:34 GMT cache-control max-age=900 content-length 4 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile date Thu, 19 Dec 2024 10:40:33 GMT content-type application/javascript
GET		hlsch38_1693_1335.gif kabard2w.site/ Frame C86B	0 0
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	62 KB 19 KB	297ms 105ms	Script text/javascript	108.158.20.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.158.20.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-158-20-39.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers vary Accept-Encoding cache-control public, max-age=86400 content-encoding gzip etag W/"2afd7a7856345176e1c9c378191ae043" age 68663 via 1.1 3d94c83b729a96791b0c271c930b1b6e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id JcEvYBm4kvhDBvLTN0I_Ap3tE8uVB7Fl8ATJbFOe4jZefsV9CWpMUQ== date Wed, 18 Dec 2024 15:36:12 GMT content-type text/javascript last-modified Tue, 20 Aug 2024 17:49:20 GMT server AmazonS3 x-amz-cf-pop SYD62-P3 x-amz-server-side-encryption AES256
GET H2	200	/ Show response t.dtscdn.com/widget/	0 760 B	431ms 330ms	Script application/javascript	2606:4700:20::681a:d3c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=10401734604833676B54DE45DBF9C2B4&nid=300&p=2114454483&t=-480&s=1600x1200x24&u=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&r= Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control no-cache nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyK6WHxRXMqO9Xdbqfoet8TM20yPTTU9AvR2qTWWEx2uzTzSows7tPHoT9wMmBozjdLgZVHEMcHcuD1uBRuSvQFEhiTkM5km9VJ28ydQznTUfzZTWdv8t7teqivtE0u3PgyUYW8uSiE%2Fmw%3D%3D"}],"group":"cf-nel","max_age":604800} x-t 0.97 cf-ray 8f46c677f8a58ac7-PER expires Thu, 19 Dec 2024 10:43:18 GMT server-timing cfL4;desc="?proto=TCP&rtt=46713&min_rtt=46672&rtt_var=7424&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3982&recv_bytes=2510&delivery_rate=86611&cwnd=253&unsent_bytes=0&cid=542916ba95701495&ts=334&x=0" date Thu, 19 Dec 2024 10:40:34 GMT content-type application/javascript; charset=UTF-8 x-server web15.ny1.dtscdn.com server cloudflare
GET		33141 tags.bluekai.com/site/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=10401734604833676B54DE45DBF9C2B4 https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m https://tags.bluekai.com/site/33141?&id=f182ea8b2fd78724	0 0
GET H2	200	/ Show response t.dtscdn.com/widget/ Frame C86B	0 595 B	375ms 330ms	Script application/javascript	2606:4700:20::681a:d3c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=1040173460483396DA0F031CB372D2F1&nid=300&p=2114454483&t=-480&s=1600x1200x24&u=https%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&r=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fforeverquote.xyz%2Fwp1%2F38.php&j=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control no-cache nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxMuDUna%2F6QuPx9a6dMYwucb3SpxeGKr0qiocrnwz5LgM0vxpQWdHkxL%2F%2BiRA%2BoeyIgNzNh0pS21eqSgfEpM4WzOZ0VIaUysVWUqFT0Pl5G8vbtEeVQBMWq4r6Nxiia4eLdzvZlY4abQWg%3D%3D"}],"group":"cf-nel","max_age":604800} x-t 1.02 cf-ray 8f46c677f8a68ac7-PER expires Thu, 19 Dec 2024 10:43:44 GMT server-timing cfL4;desc="?proto=TCP&rtt=46713&min_rtt=46672&rtt_var=7424&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4808&recv_bytes=2510&delivery_rate=86611&cwnd=253&unsent_bytes=0&cid=542916ba95701495&ts=335&x=0" date Thu, 19 Dec 2024 10:40:34 GMT content-type application/javascript; charset=UTF-8 x-server web4.ny1.dtscdn.com server cloudflare
GET		/ loada.exelator.com/load/ Frame C86B Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=1040173460483396DA0F031CB372D2F1 https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0	0 0
GET		hlsch38_1693_1336.gif kabard2w.site/ Frame C86B	0 0
GET H/1.1	200 OK	t.dhj Show response t.sharethis.com/1/k/	2 KB 2 KB	292ms 94ms	Script text/javascript	23.40.52.19 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.912630592394027&stid=ZHiABGdj%2BCIAAAAJKBB2Aw%3D%3D Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/dtscout Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.40.52.19 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-40-52-19.deploy.static.akamaitechnologies.com Software / Resource Hash bd6ee3bf5bc8a5fa2ba1f3016a3cba3eb0ef9a8936dfeb53120ba755b1de7741 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Robots-Tag noindex, nofollow Cache-Control private, max-age=3600 Content-Encoding gzip Connection keep-alive X-Content-Type-Options nosniff Expires Thu, 19 Dec 2024 11:40:34 GMT Content-Length 1385 Date Thu, 19 Dec 2024 10:40:34 GMT Content-Type text/javascript
GET H/1.1	200 OK	dtscout pd.sharethis.com/pd/	42 B 265 B	504ms 250ms	Image image/gif	50.18.203.164 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&event_source=dtscout&rnd=0.912630592394027&exptid=ZHiABGdj%2BCIAAAAJKBB2Aw%3D%3D&fcmp=false Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/dec/dec38.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.18.203.164 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-50-18-203-164.us-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; X-Robots-Tag noindex, nofollow Content-Length 42 Date Thu, 19 Dec 2024 10:40:35 GMT Content-Type image/gif Connection keep-alive
GET H/1.1	200 OK	t.dhj Show response t.sharethis.com/1/k/ Frame C86B	2 KB 2 KB	132ms 93ms	Script text/javascript	23.40.52.19 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.9634844362972388&stid=ZHqABGdj%2BCIAAAALJXg4Aw%3D%3D Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/dtscout Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.40.52.19 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-40-52-19.deploy.static.akamaitechnologies.com Software / Resource Hash bd6ee3bf5bc8a5fa2ba1f3016a3cba3eb0ef9a8936dfeb53120ba755b1de7741 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Robots-Tag noindex, nofollow Cache-Control private, max-age=3600 Content-Encoding gzip Connection keep-alive X-Content-Type-Options nosniff Expires Thu, 19 Dec 2024 11:40:35 GMT Content-Length 1385 Date Thu, 19 Dec 2024 10:40:35 GMT Content-Type text/javascript
GET H/1.1	200 OK	dtscout pd.sharethis.com/pd/ Frame C86B	42 B 265 B	491ms 253ms	Image image/gif	50.18.203.164 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fforeverquote.xyz%2Fdec%2Fdec38.php&event_source=dtscout&rnd=0.9634844362972388&exptid=ZHqABGdj%2BCIAAAALJXg4Aw%3D%3D&fcmp=false Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/wp1/38.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.18.203.164 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-50-18-203-164.us-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; X-Robots-Tag noindex, nofollow Content-Length 42 Date Thu, 19 Dec 2024 10:40:35 GMT Content-Type image/gif Connection keep-alive
GET H/1.1	200 OK	t_.htm t.sharethis.com/a/ Frame 05FE	0 0	288ms 99ms	Document text/html	23.40.52.18 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.912630592394027&stid=ZHiABGdj%2BCIAAAAJKBB2Aw%3D%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.40.52.18 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-40-52-18.deploy.static.akamaitechnologies.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Referer https://foreverquote.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Cache-Control max-age=604800 Connection keep-alive Content-Encoding gzip Content-Length 1190 Content-Type text/html Date Thu, 19 Dec 2024 10:40:35 GMT Expires Thu, 26 Dec 2024 10:40:35 GMT Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Robots-Tag noindex, nofollow
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.1&cat=33across https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.1&cat=33across https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVFRFZrTkxBcmJJVlViVEhkTWtCaG1JaVVWSUtnWmFIdVFfcTRQWDhJdWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&... https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlVFRFZrTkxBcmJJVlViVEhkTWtCaG1JaVVWSUtnWmFIdVFfcTRQWDhJdWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEARHR41vAjv4tDx2-QmDFv0&google_cver=1	70 B 440 B	94ms 93ms	Image image/gif	54.153.211.209 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEARHR41vAjv4tDx2-QmDFv0&google_cver=1 Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/dec/dec38.php Protocol HTTP/1.1 Server 54.153.211.209 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/dec/dec38.php Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Thu, 19 Dec 2024 10:40:36 GMT Content-Type image/gif Redirect headers cache-control no-cache, must-revalidate location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEARHR41vAjv4tDx2-QmDFv0&google_cver=1 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 419 date Thu, 19 Dec 2024 10:40:36 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.2&cat=33across https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=E0jMu2dj%2BCLUsQkRQAM8tQ%3D%3D&us_privacy=&33random=1734604834906.2&cat=33across https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVJUks0MnEzbDBRWEFqakRvNURHZ2JocU50emVyQ3VRNnVRbVFOVGN2MDQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&... https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlVJUks0MnEzbDBRWEFqakRvNURHZ2JocU50emVyQ3VRNnVRbVFOVGN2MDQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMH59KVo54wwDo-r295JxcM&google_cver=1	70 B 440 B	95ms 95ms	Image image/gif	54.153.211.209 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMH59KVo54wwDo-r295JxcM&google_cver=1 Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/dec/dec38.php Protocol HTTP/1.1 Server 54.153.211.209 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/dec/dec38.php Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Thu, 19 Dec 2024 10:40:36 GMT Content-Type image/gif Redirect headers cache-control no-cache, must-revalidate location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMH59KVo54wwDo-r295JxcM&google_cver=1 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 419 date Thu, 19 Dec 2024 10:40:36 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H/1.1	200 OK	t_.htm t.sharethis.com/a/ Frame 7D38	0 0	190ms 190ms	Document text/html	23.40.52.18 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.9634844362972388&stid=ZHqABGdj%2BCIAAAALJXg4Aw%3D%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.40.52.18 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-40-52-18.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://foreverquote.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Cache-Control max-age=604800 Content-Encoding gzip Content-Length 1190 Content-Type text/html Date Thu, 19 Dec 2024 10:40:35 GMT Expires Thu, 26 Dec 2024 10:40:35 GMT X-Robots-Tag noindex, nofollow
GET		hlsch38_1693_1337.gif kabard2w.site/ Frame C86B	0 0
GET		hlsch38_1693_1338.gif kabard2w.site/ Frame C86B	0 0
GET		optimus_rules.json tags.crwdcntrl.net/lt/c/3825/	0 0
GET		hlsch38_1693_1339.gif kabard2w.site/ Frame C86B	0 0
GET		favicon.ico foreverquote.xyz/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

kabard2w.site

URL

https://kabard2w.site/hlsch38_1693_1334.gif

Domain

kabard2w.site

URL

https://kabard2w.site/hlsch38_1693_1335.gif

Domain

tags.bluekai.com

URL

https://tags.bluekai.com/site/33141?&id=f182ea8b2fd78724

Domain

loada.exelator.com

URL

https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0

Domain

kabard2w.site

URL

https://kabard2w.site/hlsch38_1693_1336.gif

Domain

kabard2w.site

URL

https://kabard2w.site/hlsch38_1693_1337.gif

Domain

kabard2w.site

URL

https://kabard2w.site/hlsch38_1693_1338.gif

Domain

tags.crwdcntrl.net

URL

https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json

Domain

kabard2w.site

URL

https://kabard2w.site/hlsch38_1693_1339.gif

Domain

foreverquote.xyz

URL

https://foreverquote.xyz/favicon.ico