URL: https://service.orwell.fun/
Submission: On March 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 23 HTTP transactions. The main IP is 142.132.140.101, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is service.orwell.fun.
TLS certificate: Issued by R3 on March 2nd 2023. Valid for: 3 months.
This is the only time service.orwell.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
8 betteruptime.com | betteruptime.com — Cisco Umbrella Rank: 99426 | 368 KB
2 google.de | www.google.de — Cisco Umbrella Rank: 6149 | 562 B
2 google.com | www.google.com — Cisco Umbrella Rank: 2 | 562 B
2 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 35; stats.g.doubleclick.net — Cisco Umbrella Rank: 77 | 2 KB
2 betterstack.com | t.betterstack.com — Cisco Umbrella Rank: 539247 | 1 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 30 | 20 KB
2 orwell.fun | service.orwell.fun | 20 KB
1 gstatic.com | fonts.gstatic.com | 38 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 44 | 65 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 36 | 1 KB
23 10
Domain | Requested by
8 betteruptime.com | service.orwell.fun
2 www.google.de | service.orwell.fun
2 www.google.com | service.orwell.fun
2 t.betterstack.com | betteruptime.com
2 www.google-analytics.com | service.orwell.fun; www.google-analytics.com
2 service.orwell.fun | betteruptime.com
1 stats.g.doubleclick.net | www.google-analytics.com
1 googleads.g.doubleclick.net | www.googletagmanager.com
1 fonts.gstatic.com | fonts.googleapis.com
1 www.googletagmanager.com | service.orwell.fun
1 fonts.googleapis.com | service.orwell.fun
23 11

This site contains links to these domains.

Domain
orwell.fun
betterstack.com
Subject | Issuer | Validity | Valid
service.orwell.fun | R3 | 2023-03-02 - 2023-05-31 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.betterstack.com | E1 | 2023-01-27 - 2023-04-27 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
www.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
www.google.de | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months

This page contains 1 frame:

Primary Page: https://service.orwell.fun/
Frame ID: 1AD552287090F2C64F39691B87A5C4C9
Requests: 23 HTTP requests in this frame

Page Title

Orwell Fun Community status

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

100 %
HTTPS

91 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

516 kB
Transfer

1731 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
service.orwell.fun/
19 KB
20 KB
Document
General
Full URL
https://service.orwell.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.132.140.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.101.140.132.142.clients.your-server.de
Software
openresty/1.19.3.2 /
Resource Hash
d6b92bc59d6462a934215f9baa0a629e36d435e4e3aae36d64219358ad6ab438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Mar 2023 21:46:13 GMT
Referrer-Policy
strict-origin-when-cross-origin
Server
openresty/1.19.3.2
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=15724800; includeSubdomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
8e360d24-a532-4b29-92e8-8b2b38ca0ec5
X-Runtime
0.030868
X-XSS-Protection
1; mode=block
status_page_v2-bbf825bf.css
betteruptime.com/packs/css/
99 KB
17 KB
Stylesheet
General
Full URL
https://betteruptime.com/packs/css/status_page_v2-bbf825bf.css
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9b2756c0ce9b6e99b7e5822ba6f4b176fc5a7880a7465e910b7f8f729363a3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1403
cf-polished
origSize=124575
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztIVs8%2BoNvL37XzslT0ZEeLGcJ2OIpoq1DEzgK5snoxMF1FUwc0ihYOqkAGK9y9Ld7FAyGzAMvr4%2FR6OJ3B2drkSbxJm4u0CmPpQfzj1Oz%2BPyW1Kf8Mj3f03%2FXLavSaJ%2Fryzvr1rYgxA9Ir2cZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7a1cd4cb5c61bbf5-FRA
runtime-490d4d92f1b1705b8904.js
betteruptime.com/packs/js/
3 KB
2 KB
Script
General
Full URL
https://betteruptime.com/packs/js/runtime-490d4d92f1b1705b8904.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac74b0cd41cfe2f2782765342601f23fd9d975370118e52a7288dbb8f6a442b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1684
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3l6EYDsUyhJpE%2FyvO312cs5WL95uy0FHC3a0Bi1dbIVKEzpzA0ZkBQTK%2Fy2EWrt2cplQZ1pyIB%2B%2BmU25RD0LiMAwGVlIk8OwDTIyVxJNNgVF7IL5PH%2BOC1M16yNMMPZ1azJBX3q7tp5xpVyM7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a1cd4cb5c64bbf5-FRA
109-39b8e793b58e6359bf19.js
betteruptime.com/packs/js/
954 KB
262 KB
Script
General
Full URL
https://betteruptime.com/packs/js/109-39b8e793b58e6359bf19.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1545f527ccdc3ac06e4d23ed216a7a1b1f29d2cc5a53188d40779ca720b175
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7078
cf-polished
origSize=977409
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxYzh4UQAdbeY%2FJhr7DMbIXPZHPeA%2B66UkKwMlHMeK6xG2GZJ8dtgtDSt18N%2F5V9gwhbODeZT%2Fk9uU09OlFl%2FMcMWyEu2m36dCSAS6oJyfYEIYC39GS3mprrNG%2Fz4Y6PjUfTz%2FQB2BH1Kcq7M30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a1cd4cb9cc1bbf5-FRA
63-669ca59756f02a1e5824.js
betteruptime.com/packs/js/
182 KB
53 KB
Script
General
Full URL
https://betteruptime.com/packs/js/63-669ca59756f02a1e5824.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea819b563c871d476e9ec7add790b41868a6a8c8d5a44e60778dcb556b13e19d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7078
cf-polished
origSize=186373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIiKgIG8Y4DUnn0CCGq5rbexxeDDxmLXW9MrlD8I82FbZLzgMpJTjFooTK0Dvh5Q2mXL0wAKjOexXd%2F4qR3wFgPH0IGQUW8bKwJl%2FL3hMOz%2F8eb4c2YJUF0pQyGOF2mmVxPkzMo1laJAFl4EG30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a1cd4cbfc638fef-FRA
701-f6ca40e376e425e5fdfa.js
betteruptime.com/packs/js/
18 KB
6 KB
Script
General
Full URL
https://betteruptime.com/packs/js/701-f6ca40e376e425e5fdfa.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72d0961b28ee45f050dea49a0b4b62f89e85e39b472529f1ca8676194764394
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1792
cf-polished
origSize=18596
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfzRUsCw%2BqIyw4pj8J8rf%2BuzTbpBlNrJ2GSKdXF21qvSYfeXxaXPXQ8IeJOB2Dn8gafzIVcPwtoLlRSIH3FdIcckgsZt%2FiiUsBx6Qlr2jXvEBvWVFkkRqOEHGRrl4dzt0I3q22zaEMujYzB1AyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a1cd4cbfc658fef-FRA
270-e88a12dac3f85d13091d.js
betteruptime.com/packs/js/
154 KB
19 KB
Script
General
Full URL
https://betteruptime.com/packs/js/270-e88a12dac3f85d13091d.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61abef790b9da011e45fbce4b30fd208fa630bf4d14c4f3056b67981b07bd0d0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7077
cf-polished
origSize=157295
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHXhCzhmT9RHojwzOgOfgIqOBJ88xRkgzKfjVRezx%2FiELqNutMdCPZK%2BIa4IkU18x%2BcDNVLAa9dnwJjPDNMytg568FzrDRQ8zO%2FHifWkytWkVfnVVlIiiYqyRK3Y%2FLph8z6kRELJmgef2PZwnmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a1cd4cbfc668fef-FRA
664-a27e66986cf6916d224e.js
betteruptime.com/packs/js/
18 KB
5 KB
Script
General
Full URL
https://betteruptime.com/packs/js/664-a27e66986cf6916d224e.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949616576f0aaae01ec347bf9a0ed9b25b8112913fe0e1eb1df18f20a6c6a564
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5797
cf-polished
origSize=18433
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAZb5L17rUmmJ%2BGECns8RQCQxier%2F%2FXuFE9PVALik%2BsY1V3iXQeRaWmOf4o9NBU9ezClC%2Fg2SvxaQf0GPZ2OW5nTyfCsx8dYcjir6rz7J1WlYRabL%2FSNWzOT%2BXkW8Vwkyg3x3B0N8kLziUFRIvk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a1cd4cbfc688fef-FRA
status_page_v2-641f0855d240fecb4902.js
betteruptime.com/packs/js/
11 KB
5 KB
Script
General
Full URL
https://betteruptime.com/packs/js/status_page_v2-641f0855d240fecb4902.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b386f72b2016ee1e6c264f2a90b0c3331b5ba7da139fce57c76847fd4332c9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6302
cf-polished
origSize=11261
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 16:00:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcoedCfc713wqGHcao6qULzchuPdvBe8r9VWrbCrcWcGONFfBRJlhvV3C9dO3%2F5BxJW4O%2Br8CYk6FwqESYh1YjeEGOdVu8QMxo9FCY8HWXqSQhQzXgGkCJ%2B60%2FmfqvVGtkxir8S%2Bhe%2F5cu2FKJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a1cd4cbfc698fef-FRA
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 21:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 21:27:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 21:46:13 GMT
js
www.googletagmanager.com/gtag/
175 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10805602682
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e58a725dd2b5a8bf11abb6ed59fa906facbcba610553af0a2dd28f06f516f361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65676
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 21:23:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 21:46:13 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 21:19:39 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1594
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Mar 2023 23:19:39 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://service.orwell.fun
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 09:24:48 GMT
x-content-type-options
nosniff
age
562885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 09:24:48 GMT
/
t.betterstack.com/decide/
193 B
773 B
XHR
General
Full URL
https://t.betterstack.com/decide/?v=2&ip=1&_=1677793573832&ver=1.25.2
Requested by
Host: betteruptime.com
URL: https://betteruptime.com/packs/js/109-39b8e793b58e6359bf19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:285e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://service.orwell.fun/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Mar 2023 21:46:13 GMT
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://service.orwell.fun
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hItzb2pQqIlfT3Xza7Zyst2Dqv1PeKFLyk3Ioy5lm3YxZDd1lTBeieqlfZXxCrazV7DmtujCogiY67mKBAZhLqK8agd9tlmZ7pvPURT2FfXVTjj4Dx79yQrbMIj0UuF0uWXxf9l5SQxVR%2Bv%2F4gaX"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7a1cd4cd1da52c1c-FRA
access-control-allow-headers
X-Requested-With,Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
visits
service.orwell.fun/ahoy/
211 B
843 B
XHR
General
Full URL
https://service.orwell.fun/ahoy/visits
Requested by
Host: betteruptime.com
URL: https://betteruptime.com/packs/js/109-39b8e793b58e6359bf19.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.132.140.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.101.140.132.142.clients.your-server.de
Software
openresty/1.19.3.2 /
Resource Hash
2bdd1c80321fbf61e6d4f464ddd69d30a31949aff4d092df183ffc8508766336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://service.orwell.fun/
X-Requested-With
XMLHttpRequest
X-CSRF-Token
b4JVYticQ1mkCZ1Si9mO2Wb3x7ky+I0eaaJnYpQV4Iz9lmzGannnYq1gwIkBWnNk0KkJVTYGSvDc6AJoZOnsSQ==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

X-Runtime
0.012723
Date
Thu, 02 Mar 2023 21:46:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubdomains
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Server
openresty/1.19.3.2
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
650e9879-2345-4025-9bb3-c32447108244
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10805602682/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10805602682/?random=1677793574065&cv=11&fst=1677793574065&bg=ffffff&guid=ON&async=1&gtm=45be3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fservice.orwell.fun%2F&tiba=Orwell%20Fun%20Community%20status&auid=1448607887.1677793574&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10805602682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf3994c5d402f66c36e59d777155127dc87eb97f9a9693caf70211127f06aec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 21:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10805602682/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10805602682/?random=1677793574065&cv=11&fst=1677790800000&bg=ffffff&guid=ON&async=1&gtm=45be3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fservice.orwell.fun%2F&tiba=Orwell%20Fun%20Community%20status&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2646847444&rmt_tld=0&ipr=y
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 21:46:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10805602682/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10805602682/?random=1677793574065&cv=11&fst=1677790800000&bg=ffffff&guid=ON&async=1&gtm=45be3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fservice.orwell.fun%2F&tiba=Orwell%20Fun%20Community%20status&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2646847444&rmt_tld=1&ipr=y
Requested by
Host: service.orwell.fun
URL: https://service.orwell.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 21:46:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1645584366&t=pageview&_s=1&dl=https%3A%2F%2Fservice.orwell.fun%2F&ul=en-us&de=UTF-8&dt=Orwell%20Fun%20Community%20status&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgAI~&jid=685418061&gjid=209670118&cid=914625787.1677793574&tid=UA-752796-25&_gid=2014058591.1677793574&_r=1&_slc=1&z=1127532839
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://service.orwell.fun/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 21:46:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://service.orwell.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-752796-25&cid=914625787.1677793574&jid=685418061&gjid=209670118&_gid=2014058591.1677793574&_u=aEBAAEAAAAAAACgAI~&z=1310247893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://service.orwell.fun/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 02 Mar 2023 21:46:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://service.orwell.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-752796-25&cid=914625787.1677793574&jid=685418061&_u=aEBAAEAAAAAAACgAI~&z=1305591327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 21:46:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-752796-25&cid=914625787.1677793574&jid=685418061&_u=aEBAAEAAAAAAACgAI~&z=1305591327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.orwell.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 21:46:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.betterstack.com/e/
13 B
351 B
XHR
General
Full URL
https://t.betterstack.com/e/?compression=gzip-js&ip=1&_=1677793576868&ver=1.25.2
Requested by
Host: betteruptime.com
URL: https://betteruptime.com/packs/js/109-39b8e793b58e6359bf19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:285e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://service.orwell.fun/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Mar 2023 21:46:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13
referrer-policy
same-origin
server
cloudflare
vary
Cookie
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://service.orwell.fun
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ksSLtFnrAhEUD1ymnn57nmlMT3%2B2avonIRZzBdMfJLobM61TqtWi24o%2Fnq1bczESBqDgT4uYxqjpDOrtLWzrCrq%2B%2FCsQmMqKvGzjddH6fnj%2FbWq7Fj8nOI9%2FxCjkyHgFXMXEJdEyjWMSpuGS3SQ"}],"group":"cf-nel","max_age":604800}
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7a1cd4df686d2c1c-FRA
access-control-allow-headers
X-Requested-With,Content-Type


36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
string| GoogleAnalyticsObject
function| ga
function| gtag
object| dataLayer
object| cfg
object| webpackChunk
boolean| _rails_loaded
function| $
object| Rails
object| ahoy
object| asyncIntervals
function| clearAsyncIntervals
function| initButtonGroups
object| DragNDrop
function| initHtmlTooltips
boolean| isShopifyApp
object| Routes
function| smoothScrollTo
function| theme
function| diffHighestMeasures
function| initTimeDistance
function| initTimeago
function| initTooltips
object| Turbo
function| turboSetInterval
function| smartFormSubmit
object| regeneratorRuntime
boolean| isMobile
function| recaptcha_submit
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| google_tag_manager
object| GooglebQhCsO

9 Cookies

Domain/Path Name / Value
service.orwell.fun/ Name: _ph
Value: 186a44a3bc338c-0364082f0e1d8-6f385457-1d4c00-186a44a3bc489e
service.orwell.fun/ Name: ahoy_visit
Value: 1cd312de-f732-4697-ae56-0e332883a1e7
service.orwell.fun/ Name: ahoy_visitor
Value: 6954f635-505c-407f-ad71-09b1135f13c7
.orwell.fun/ Name: _ga
Value: GA1.2.914625787.1677793574
.orwell.fun/ Name: _gid
Value: GA1.2.2014058591.1677793574
.orwell.fun/ Name: _gcl_au
Value: 1.1.1448607887.1677793574
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.orwell.fun/ Name: _gat
Value: 1
.orwell.fun/ Name: ph_phc_Tbfg4EiRsr5iefFoth2Y1Hi3sttTeLQ5RV5TLg4hL1W_posthog
Value: %7B%22distinct_id%22%3A%22186a44a3bc338c-0364082f0e1d8-6f385457-1d4c00-186a44a3bc489e%22%2C%22%24device_id%22%3A%22186a44a3bc338c-0364082f0e1d8-6f385457-1d4c00-186a44a3bc489e%22%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24sesid%22%3A%5B1677793575080%2C%22186a44a40ab701-0ad834f54234e5-6f385457-1d4c00-186a44a40acbc1%22%2C1677793575080%5D%7D

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
