URL: https://ldr2bq.xyz/
Submission: On October 20 via api from BE — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3036::6815:1051, located in United States and belongs to CLOUDFLARENET, US. The main domain is ldr2bq.xyz.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.
This is the only time ldr2bq.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
8         2606:4700:303...  13335 (CLOUDFLAR...)
13        2606:4700:310...  13335 (CLOUDFLAR...)
2         2a03:2880:f00...  32934 (FACEBOOK)
2         2a03:2880:f10...  32934 (FACEBOOK)
Total: 25 requests, 4 IPs

Requests  Apex Domain   Subdomains                                         Transfer
13        pages.dev     8776faa0.gugif.pages.dev                           693 KB
8         ldr2bq.xyz    ldr2bq.xyz                                         51 KB
2         facebook.com  www.facebook.com — Cisco Umbrella Rank: 113        3 KB
2         facebook.net  connect.facebook.net — Cisco Umbrella Rank: 180    71 KB
Total: 25 requests, 4 domains

Requests  Domain                    Requested by
13        8776faa0.gugif.pages.dev  ldr2bq.xyz, 8776faa0.gugif.pages.dev
8         ldr2bq.xyz                ldr2bq.xyz
2         www.facebook.com          ldr2bq.xyz
2         connect.facebook.net      ldr2bq.xyz, connect.facebook.net
Total: 25 requests, 4 domains

This site contains no links.

Subject          Issuer                                  Validity                 Valid
ldr2bq.xyz       WE1                                     2024-10-15 - 2025-01-13  3 months
gugif.pages.dev  WE1                                     2024-09-25 - 2024-12-24  3 months
*.facebook.com   DigiCert SHA2 High Assurance Server CA  2024-07-29 - 2024-10-27  3 months

This page contains 1 frames:

Primary Page: https://ldr2bq.xyz/
Frame ID: DD6136E4D6C2B69D8B2D0BCC7668279F
Requests: 25 HTTP requests in this frame

Page Title

免費診股

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 100 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 819 kB
Size: 1188 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
ldr2bq.xyz/
12 KB
5 KB
Document
General
Full URL
https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53a1a680d489fde97bf7b976e1e1416adad6a1445118383cc049f5f901b968a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d57519ce98842dc-EWR
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 20 Oct 2024 07:33:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gA9yYXbR6tMUGcOvs%2Bwcl3ehKHc8XTTiADuNiiMfTc9ss%2F%2BV3nWDFLMthUw71wScM2vzcl7UiYFZqBBMDqQjLspcmdgi0YAL8yRfDM81uW9eDLWWeXn5tljNwUORShY1at%2B0Iunbzq%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13429&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4225&recv_bytes=4472&delivery_rate=834&cwnd=12000&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=451&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
index.css
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
18 KB
4 KB
Stylesheet
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/index.css
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b390cd37a020535d6b45df388ad1367ee8ac0374af7b070923f619b7214271
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
content-encoding
br
etag
W/"31e4ce8b9cfa7174b9513145334a186f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxJo%2FG1NsaKrDfrY2NSmuXNDYyFxm7dU%2BM21SSVOrKeXTl7TUo3V60Vdj1oUceJPLRrcnkeXhoLugorDlmf7CPPgu8KH7e9w2ESp9HHaGgVwfuEKgnGakY1pGDGmmJKHTbvui3OlXIPpM%2FPO6knKJ9kLLTC0e4s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8728&sent=21&recv=11&lost=0&retrans=0&sent_bytes=16108&recv_bytes=5057&delivery_rate=69998&cwnd=12000&unsent_bytes=0&cid=c1414066c8e0d274&ts=37&x=1", cfExtPri, cfHdrFlush;dur=6
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a0684618bc-EWR
access-control-allow-origin
*
server
cloudflare
jquery.min.js
ldr2bq.xyz/static/js/
87 KB
35 KB
Script
General
Full URL
https://ldr2bq.xyz/static/js/jquery.min.js
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"1dc09d84-15d9d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RCkorT65F%2Fc7uk8JXEEIkDmDzzRJDOvnZPStZb2gU2wX%2FSrkRjqb%2BNJC0cbOncdSsRof4K11r1wodZYQImg9noiyDYjeBuLhohHq0xohuXP7bOvcskE4BNRMIWTpsAYSL0dUNnEhLT7E"}],"group":"cf-nel","max_age":604800}
expires
Sun, 20 Oct 2024 19:33:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10889&sent=26&recv=20&lost=0&retrans=0&sent_bytes=16490&recv_bytes=5846&delivery_rate=297004&cwnd=12000&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=850&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
application/javascript
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d57519fbb1342dc-EWR
server
cloudflare
layer.js
ldr2bq.xyz/static/js/
3 KB
2 KB
Script
General
Full URL
https://ldr2bq.xyz/static/js/layer.js
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e638d65e345e5dce62ec180305e47d5d5afeb05584dd031b47bc091c5771ee2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"5a261926-ce6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfqkwSD98%2BMW8pRds5ggqNY2gEQTlhjfHPEueESCVQRNLYUH1Na1bqtpfDOoZz24X8zVmP1FxN1FgqHVDpsEYyi3bKHIItecQZnLVBtC2Vciew6%2FwQ7Kgoexet%2BTNKdi7Zl5j3FnnIM0"}],"group":"cf-nel","max_age":604800}
expires
Sun, 20 Oct 2024 19:33:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11991&sent=19&recv=17&lost=0&retrans=0&sent_bytes=9346&recv_bytes=5717&delivery_rate=573798&cwnd=12000&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=821&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
application/javascript
last-modified
Tue, 05 Dec 2017 03:57:26 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d57519fbb1542dc-EWR
server
cloudflare
hm.js
ldr2bq.xyz/static/js/
6 KB
3 KB
Script
General
Full URL
https://ldr2bq.xyz/static/js/hm.js
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bccbd5f85ae09091ca8064418fd05158e5362554b28630638c44eecd72ec477

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"62da42be-172b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1rDNQus2Bs8TxECh5KkmURALYyAUqHmoJFpAZ7XxUOe%2BuJ%2BiE06ylZhN21zR7tRp8z1Hiri4A7QAjPxM057EmdyuveSSAY68LiA0NX3IKES11gb%2F7zD5rk9zLiKzHxVuhawjHoPgD5u"}],"group":"cf-nel","max_age":604800}
expires
Sun, 20 Oct 2024 19:33:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11291&sent=23&recv=19&lost=0&retrans=0&sent_bytes=13722&recv_bytes=5803&delivery_rate=12332&cwnd=12000&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=832&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
application/javascript
last-modified
Fri, 22 Jul 2022 06:25:02 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d57519fbb1a42dc-EWR
server
cloudflare
popup.js
ldr2bq.xyz/static/js/
4 KB
2 KB
Script
General
Full URL
https://ldr2bq.xyz/static/js/popup.js
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9dbaf3fbfda7728852264c19920de2cc50580e91ff9397ec9ba99f90b9fe5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"627c70f6-1036"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MaOfj3zC1XjrHwP9iAYi6I8XDz0IHv0CnmTMaCvtokXUgLfB7lYEPm7ofufRJhRWmjmCjFt6sQAbiQ9dJLgpBGSLD%2FjR4OhXxKHVXeUZ6sOu6z8opu0BnmLTt7eUF1stKuSTqi8mfVl%2B"}],"group":"cf-nel","max_age":604800}
expires
Sun, 20 Oct 2024 19:33:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11991&sent=21&recv=17&lost=0&retrans=0&sent_bytes=11671&recv_bytes=5717&delivery_rate=573798&cwnd=12000&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=822&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
application/javascript
last-modified
Thu, 12 May 2022 02:29:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d57519fbb1c42dc-EWR
server
cloudflare
1656088564091.png
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
218 KB
218 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/1656088564091.png
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208593bb818c5bf042966b6329bddf812c2b40387ae1b0915edeed035c82982a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"1cca9461a44e42922be9a432e065eeab"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSXcaFqLX89GigrU5drnTcWFs%2FkE2gtkJ0lcea3Y%2BrCQscLVZLov4b5Qot3B%2F3%2FRuznRzB1pqDtn0EfNTThExHSIT%2Fyk74R5CfOlDazmYoJ0YXhoAL%2BCikYOZMevLhAYukEZ%2Bj7p2Ncldjs%2FRyQ%2BArNldTfPtGo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8728&sent=21&recv=11&lost=0&retrans=0&sent_bytes=16108&recv_bytes=5057&delivery_rate=69998&cwnd=12000&unsent_bytes=0&cid=c1414066c8e0d274&ts=36&x=1", cfExtPri, cfHdrFlush;dur=7
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a0684518bc-EWR
access-control-allow-origin
*
content-length
222796
server
cloudflare
qlmm_t2.png
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
25 KB
26 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/qlmm_t2.png
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a692fd90a73181037f2559f95cb02fc14c02ce15cb2dfc2c6b642df6dc63e09f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"e99467a75117fabee4f99832f96fb5dc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsSR5jBPLBmq7ERXW9mZVIuYqMdbXdpT1Zjwuva2TjmGjQZ8L1z5kbJb913J4EibIV3kN3XtApJM6nsSasANuvUuYeChofkcQ%2BLT%2B26hSMsPkGJCCaeMakKJhXiBhpFmRvUJsv7heYqZDagZsOvKq22ly%2Fr0orw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8728&sent=11&recv=11&lost=0&retrans=0&sent_bytes=4136&recv_bytes=5057&delivery_rate=69998&cwnd=12000&unsent_bytes=0&cid=c1414066c8e0d274&ts=35&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a0684418bc-EWR
access-control-allow-origin
*
content-length
25917
server
cloudflare
qlmm_t3.png
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
51 KB
52 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/qlmm_t3.png
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acb05fa4567c6c76a9bbf3d42555e6a39b4c8246c8a24c4f03ccd98d9f67de2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"93fa5205812a076873c9b7cd3e169e66"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=noILlk8n9EZwqIJPJT%2Bz2yVge0Z%2Bmuq3VZIZo0Dht%2Fp63T%2FI3ajUHnq3iMnRuosR2kUC2j284ZelX%2FgkXS92ricHTrvtciTSxLavyUY7atWhjK2at%2B%2Flw7IeVJ2vbZvG0VL%2Bqgiu5oOJWy7nbFWDe2V5hkX3%2FcU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9930&sent=233&recv=65&lost=0&retrans=0&sent_bytes=264117&recv_bytes=7748&delivery_rate=9103039&cwnd=142800&unsent_bytes=0&cid=c1414066c8e0d274&ts=74&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a0a86418bc-EWR
access-control-allow-origin
*
content-length
52512
server
cloudflare
zhizhen.png
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
16 KB
17 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/zhizhen.png
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d76ada9cdd98408497e00a865b672a7db3c3d2b1a342af8fe149601fc7a966
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"df8c10aca10010451875964d46e26b5b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D01%2FGPf6xReiupUyZqGlokKYMfF4%2Bi9YSinpTn7NYmsNSTk89F31hNLZGvN8rUdieExJbV2k7hYPxe%2Bn8QrMgAPidvek0bVofp8CDffS2%2BhbdmjOeY4XWTN1Qd%2F6ONkyXuU%2B5HEiIORUVkNP%2BJfHUw51hHffXYs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9148&sent=307&recv=81&lost=0&retrans=0&sent_bytes=349010&recv_bytes=9111&delivery_rate=10058663&cwnd=144000&unsent_bytes=0&cid=c1414066c8e0d274&ts=119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a0e87c18bc-EWR
access-control-allow-origin
*
content-length
16707
server
cloudflare
11.jpg
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
28 KB
29 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/11.jpg
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6369e4ce7e8fbd5ae5a603ead9cd08b7e4bb29a18d3a8f0426a97e5fcf405088
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"655797506075e8195da9e66b8c7820df"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2%2Bg3sU62vQOOJUVhtykvzxjSydmdZRomrg20za0Nnh0sIdWfbHbBl%2FIkPW%2BSdIyRL2qQqg9GieYs4fHhtdh3r4qwVVifTIzyPk%2BTKgAgCSQXtW0cfPR1nZ3%2FEAmYGQkfQltvqE0LouqI6yB%2Bs%2B%2BmMW7ISFYtQ0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9148&sent=281&recv=81&lost=0&retrans=0&sent_bytes=318574&recv_bytes=9111&delivery_rate=10058663&cwnd=144000&unsent_bytes=0&cid=c1414066c8e0d274&ts=111&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a0e87f18bc-EWR
access-control-allow-origin
*
content-length
29062
server
cloudflare
msdp.jpg
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
209 KB
210 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/msdp.jpg
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95f56d79be506be59dbfe36204bdfede438134be5e5008838b6670cc86fa6c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"e9520caf506659f067508fa2db5412dd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Or7NK%2F2wVUBFUhQqZgJ1OuCvl9Kb3UDZKRS0WUAIVUZpd0nVSITJGw6%2FQVB2FasqI0kAwfq3NpBhmhb0iZkqL0VenD6CSo%2Fn8k3All9LG1Au%2BROOdo0YzTXIyFBRTqf51hHkfAVtWmfS0m5otXO3P8k9A6EMack%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8878&sent=363&recv=93&lost=0&retrans=0&sent_bytes=410241&recv_bytes=10488&delivery_rate=2260767&cwnd=144000&unsent_bytes=0&cid=c1414066c8e0d274&ts=295&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a2090018bc-EWR
access-control-allow-origin
*
content-length
214511
server
cloudflare
qlmm_c31.jpg
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
20 KB
20 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/qlmm_c31.jpg
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e236b4fad092809087690021c900c90c906b374eadbac78b4cea3f273319eb82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"f25190a470d9bdffc21a86340db0efcf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suq5LDGh28mt4Ecoy7NI9xZYjuWjShFB2HWnWLz3S0mpXSpzV6dRSnq7BpBMiiuZt2dEi8vUSKfQYeQrj%2BgGDuvQe239r3AlFkLUDoEZV%2F1VT4izOTvjRQo32S1Zec2m4TzYCtjP%2BVMM6ZvZx7Ta5q%2B%2B%2BUhtcDU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11072&sent=548&recv=113&lost=0&retrans=0&sent_bytes=630288&recv_bytes=11695&delivery_rate=2781066&cwnd=192000&unsent_bytes=0&cid=c1414066c8e0d274&ts=327&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a2391918bc-EWR
access-control-allow-origin
*
content-length
20189
server
cloudflare
qlmm_c32.jpg
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
16 KB
17 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/qlmm_c32.jpg
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072f9e045decd6b788c46962686a8598464c7ecfb420568ee7ed86c2deaf7803
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"7ef959b09867efc1994d30d844481d1d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOsD9yWNnce6mSrNfiOBxktkSx3g7W8IZROFTmTvQPnYeHoL%2BaXpA29PxeYXRi0ml4hHJdgJCr0exhRoGB3h7EXLXHKC9S2PV28NrhOzSYxYGHyQ4ySOMz9XuzvTMXpRlOPj6ggH2KghsmlyLfojfdh2KACCSpM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10479&sent=584&recv=118&lost=0&retrans=0&sent_bytes=670391&recv_bytes=12888&delivery_rate=2516020&cwnd=192000&unsent_bytes=0&cid=c1414066c8e0d274&ts=600&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a3ea5018bc-EWR
access-control-allow-origin
*
content-length
16207
server
cloudflare
qlmm_c33.jpg
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
17 KB
18 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/qlmm_c33.jpg
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10339c2f7fcae354c91b7c90f8a13dd1310b92f1b89ecc1fb3d9896bddf3aced
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
etag
"64366564c823a6619fcbb7ade4d02fc5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3f8ntgZGOJwe4fCqO4toJfRyTO4t0xHT0PqMgK6nAbpgVfjUFhwSQPKfktTqVEO%2FlgmAzDAplQJrH%2B6WmIKJUblJuR0CgmxKV50q4z1WICi%2Ft%2FQ%2FLma0kO2hitdtcZR0Qxpg1ZjgYCs%2B22apET6OelMaZBA%2FXE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10479&sent=568&recv=118&lost=0&retrans=0&sent_bytes=651689&recv_bytes=12888&delivery_rate=2516020&cwnd=192000&unsent_bytes=0&cid=c1414066c8e0d274&ts=595&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a3ea5218bc-EWR
access-control-allow-origin
*
content-length
17589
server
cloudflare
jquery-3.1.1.min.js
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
85 KB
31 KB
Script
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/jquery-3.1.1.min.js
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
content-encoding
br
etag
W/"265af32aa7e03cdd7832e312f52b7b9e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jz2IZjMcWE968sZnbeiMHKJTb0BP10BDh%2FsmgGHmbSyGxJR3Hhz1WnrUabKUJrfxKqO75aSSXwH6gJHaaJR0aQiNtIK8h3tA5QDLsL3ZZRjYapgwHLAQzZLxHxZ1pg94P2dmv3dahQb5%2F1bGQttSJvOXPR4nhAg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8944&sent=324&recv=88&lost=0&retrans=0&sent_bytes=366852&recv_bytes=9957&delivery_rate=2117826&cwnd=144000&unsent_bytes=0&cid=c1414066c8e0d274&ts=144&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a1189818bc-EWR
access-control-allow-origin
*
server
cloudflare
data-code.js
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
28 KB
10 KB
Script
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/data-code.js
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493c6e213c5d391377ce7d7cfe8d2b40084f4730f0fb1acd5492f7888f6158a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

x-robots-tag
noindex
content-encoding
br
etag
W/"6224c42e21c0fa04592e52d920135435"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fb%2BpoBZ%2Bo3QIT7RiMPqxy4uJz03jZ5ktHME29HqqzB7nN2TRwFp5UBLLr5CJqtTpI7WdEwWjdSnFbAhm3iRCBjss85x%2B%2FwBbRcNTnmG4h0SMWJe1HoaZGdB6aB5g34mbTgZmsJR%2FKXaTQvIl4IH8%2FrFVL8ve7G0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8944&sent=353&recv=88&lost=0&retrans=0&sent_bytes=399691&recv_bytes=9957&delivery_rate=2117826&cwnd=144000&unsent_bytes=0&cid=c1414066c8e0d274&ts=147&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:17 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a1189b18bc-EWR
access-control-allow-origin
*
server
cloudflare
fbevents.js
connect.facebook.net/en_US/
227 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4442, tp=9, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
IGNgjYyF5nas5UB6gXfAWX+W17Lr4anku72TRXfwY3zPzjuj5Tf/2GyaZZ63Vw4+DreGMyS+U50+XJ6qeA+5TQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59352
x-xss-protection
0
origin-agent-cluster
?1
layer.css
ldr2bq.xyz/static/js/need/
9 KB
3 KB
Stylesheet
General
Full URL
https://ldr2bq.xyz/static/js/need/layer.css?2.0
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/static/js/layer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57db87b8bce03bd6c780be774e0d0ffe96533b1db38bd1b51c9b365f7fb3ad34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"62da5890-235b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwddXQuercd1AMt8ZSGgGE4wL6dM7HsTMOyHx4k4VtUU5LIYYlDtglQSYDcMLtCqnL6q54QWCXAXewG5kLP%2FvyAaui5Tdm1M4Wgufayq1o9tP45PziDGaYn1PF1XEF8pjedQtYcwACaB"}],"group":"cf-nel","max_age":604800}
expires
Sun, 20 Oct 2024 19:33:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9764&sent=61&recv=39&lost=0&retrans=0&sent_bytes=53882&recv_bytes=7271&delivery_rate=3864&cwnd=25200&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=1272&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
text/css
last-modified
Fri, 22 Jul 2022 07:58:08 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5751a25c8f42dc-EWR
server
cloudflare
getNum
ldr2bq.xyz/Obtain/
254 B
1 KB
XHR
General
Full URL
https://ldr2bq.xyz/Obtain/getNum?rf=&aw=1600&ah=1200&_=1729409597803
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/static/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799526ce82d41a088c331d289b589846993c59c13248b326438c77bc39d73a5a

Request headers

Referer
https://ldr2bq.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

access-control-max-age
1800
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGEwmbo%2Bjo6Ullp%2F%2FyJWJNxMTUSszbqmNnD3wJbNUT1viBKu7N4ebU7sDugUxwopeaXzONtuOnj2dbVQxYK7E81vcnAHL8Hn4kl6abm%2Fgj6TKTXS9vNF1PiDM2xBYUVtZ%2BZp3vHqTiAL"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9885&sent=60&recv=38&lost=0&retrans=0&sent_bytes=52826&recv_bytes=7227&delivery_rate=2742056&cwnd=25200&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
priority
u=0,i
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8d5751a25c9142dc-EWR
access-control-allow-origin
*
server
cloudflare
qlmm_t1.png
8776faa0.gugif.pages.dev/fmkpxglonb/index_files/
39 KB
40 KB
Image
General
Full URL
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/qlmm_t1.png
Requested by
Host: 8776faa0.gugif.pages.dev
URL: https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44959b4b15d34fe08092ff97a946771769bc5bae4e3da65c7da681288e1c4769
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8776faa0.gugif.pages.dev/fmkpxglonb/index_files/index.css

Response headers

x-robots-tag
noindex
etag
"41725fa204aeb80b2383705ae655d815"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7CEgcki0nl0znCwJ1DaBY882IO43ntcBinOvTqx9n%2BYyKd%2BWbfB7mSyOw2GXNoCEFCoLvlpY0%2FUdGqQrQ6KSIuu7a5bNF6bbu7ZseXDBKG9GL7Sp%2Fa93z%2BUjY%2FA7OoXkpyHQO7wpFCvV0CPOElop5Iw3emJ6lE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10479&sent=599&recv=118&lost=0&retrans=0&sent_bytes=687676&recv_bytes=12888&delivery_rate=2516020&cwnd=192000&unsent_bytes=0&cid=c1414066c8e0d274&ts=603&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5751a3fa5818bc-EWR
access-control-allow-origin
*
content-length
40059
server
cloudflare
225444593819455
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/225444593819455?v=2.9.172&r=stable&domain=ldr2bq.xyz&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00fa78f129b4390200a07ab24488b013b0cc48b3509ce69c9302e3063f480448
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=68, mss=1232, tbw=67450, tp=63, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
kvplEunTi4aUolBXPTVDQwLL4+2fJh8jmgSzGbXy3UqXDzMx79GaWChYWuz+IO442NrBrGe/LMKsg9llPSI3zQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=225444593819455&ev=PageView&dl=https%3A%2F%2Fldr2bq.xyz%2F&rl=&if=false&ts=1729409598273&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729409598268.17913734584735542&ler=empty&cdl=API_unavailable&it=1729409598161&coo=false&rqm=GET
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=10, mss=1328, tbw=2945, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=225444593819455&ev=PageView&dl=https%3A%2F%2Fldr2bq.xyz%2F&rl=&if=false&ts=1729409598273&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729409598268.17913734584735542&ler=empty&cdl=API_unavailable&it=1729409598161&coo=false&rqm=FGET
Requested by
Host: ldr2bq.xyz
URL: https://ldr2bq.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427757666463866140"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
3VJmsjFOcM7ORmztNsOn/9Gban8GAjeJrJ/YrueKhBytGu/spJM7nE0DDgfNI2W5cURY36lWdf4pHcZjw4m9jg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427757666463866140", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=14, mss=1328, tbw=3263, tp=-1, tpl=-1, uplat=81, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
favicon.ico
ldr2bq.xyz/
1 KB
1 KB
Other
General
Full URL
https://ldr2bq.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1051 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3d94809877f076b27d502a7742c62ca8ffd4dc3ec3a25b2f921ac76a91ee57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ldr2bq.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"61c80dd6-47e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1taJEACXfcbjWmYa%2FhR1IHy8mL1j0lEHeZQkivPazv0USbEiY50jKGMCBj3IuWfQIpI1kPvN1bcWr1qUUDpljvOmusGPXqF34lMMhO3OoAjyS8AhOwiPX5ElSHJhyQbx2OTk9hMyqKVT"}],"group":"cf-nel","max_age":604800}
cf-ray
8d5751a62e7a42dc-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9477&sent=65&recv=42&lost=0&retrans=0&sent_bytes=56736&recv_bytes=7729&delivery_rate=345960&cwnd=25200&unsent_bytes=0&cid=89c0d67f4d6858e1&ts=1855&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 07:33:18 GMT
content-type
image/x-icon
last-modified
Sun, 26 Dec 2021 06:38:14 GMT
vary
Accept-Encoding
priority
u=1,i

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function fbq
function _fbq
function $
function jQuery
object layer
number ssid
object hlnum
object hlOther
object objText
string visHidden
string visibilityChange
object adApi
function handleVisibilityChange
object adDialog
object s

1 Cookies

Domain/Path Name / Value
.ldr2bq.xyz/ Name: _fbp
Value: fb.1.1729409598268.17913734584735542

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
