maddened-curler-186082.appspot.com Open in urlscan Pro
2607:f8b0:4006:80f::2014  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

• https://www.tns-counter.ru/V13a***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/764586231 HTTP 302
• https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/764586231

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response maddened-curler-186082.appspot.com/	68 KB 22 KB	469ms 386ms	Document text/html	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash a2d0c4d7eab19746a22b4dc6146f5f982db1548581a97a1afce054012a4fc5e3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control s-max-age=200, max-age=0 cf-cache-status DYNAMIC cf-ray 8cabd22d689a0dff-MXP content-encoding gzip content-length 22099 content-type text/html; charset=utf-8 date Sun, 29 Sep 2024 12:01:52 GMT server Google Frontend strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding Accept-Encoding x-cloud-trace-context d10f32bd12a7d8ffdcb714db7b59e830;o=1
GET H2	200	main.a948ce542262258e.css maddened-curler-186082.appspot.com/css/	269 KB 57 KB	744ms 739ms	Stylesheet text/css	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/css/main.a948ce542262258e.css Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash ef2e1e001571e7ac46ebc2f380d1376cebcd4e39bddfffbdbab5297678d3fdcb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66f93679-434c0" age 930 x-content-type-options nosniff expires Sun, 29 Sep 2024 12:16:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:53 GMT x-cloud-trace-context de5730b90c523c3ba6542f0217432451 content-type text/css vary Accept-Encoding, Accept-Encoding last-modified Sun, 29 Sep 2024 11:14:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8cabd23319af5a2b-MXP content-length 57719 x-xss-protection 1; mode=block server Google Frontend
GET H2	200	Graphik-Bold-Cy-Web.woff maddened-curler-186082.appspot.com/font/	65 KB 65 KB	893ms 889ms	Font application/font-woff	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/font/Graphik-Bold-Cy-Web.woff Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 639b2d2513c351e7ed770d2b976423ebf56815e265cb36791979a612cc251d8b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/ Response headers server Google Frontend strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-cache-status EXPIRED etag W/"66f93679-10388" x-content-type-options nosniff cf-ray 8cabd232adb80dfa-MXP alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66440 x-xss-protection 1; mode=block date Sun, 29 Sep 2024 12:01:53 GMT content-type application/font-woff last-modified Sun, 29 Sep 2024 11:14:01 GMT vary Accept-Encoding x-cloud-trace-context 988683bf4a683785f337214ddbb73f9f
GET H2	200	Graphik-Regular-Cy-Web.woff maddened-curler-186082.appspot.com/font/	60 KB 61 KB	372ms 369ms	Font application/font-woff	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/font/Graphik-Regular-Cy-Web.woff Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 3459d9a960bd4916952512ae214caa13113ab31f5c949fb9cac7a2e19bcf1f1f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/ Response headers server Google Frontend strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-cache-status EXPIRED etag W/"66f93679-f1a8" x-content-type-options nosniff cf-ray 8cabd22ffce64c75-MXP alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61864 x-xss-protection 1; mode=block date Sun, 29 Sep 2024 12:01:52 GMT content-type application/font-woff last-modified Sun, 29 Sep 2024 11:14:01 GMT vary Accept-Encoding x-cloud-trace-context 339d71d44ee46c287815d1811b690fca
GET H2	200	firamono-regular-webfont.woff2 maddened-curler-186082.appspot.com/font/firamono/	29 KB 29 KB	672ms 669ms	Font application/octet-stream	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/font/firamono/firamono-regular-webfont.woff2 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash c35755c3299bb1739908187102395e0c33a962a9d4d1764124b0d9eb80d10909 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status HIT etag "66f8bf2f-74d0" age 4893 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:53 GMT content-type application/octet-stream last-modified Sun, 29 Sep 2024 02:45:03 GMT vary Accept-Encoding x-cloud-trace-context 13585a471686d4d621fec667ced5fc56 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8cabd232c9b7374b-MXP accept-ranges bytes content-length 29904 x-xss-protection 1; mode=block server Google Frontend
GET H2	200	firamono-bold-webfont.woff2 maddened-curler-186082.appspot.com/font/firamono/	29 KB 29 KB	730ms 727ms	Font application/octet-stream	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/font/firamono/firamono-bold-webfont.woff2 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 24bc5f6147aaf087cda91a5874c9f2a64fe75037dfd20b1a3ff0ca5f584f9eb9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status EXPIRED etag "66f93679-74ac" x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:53 GMT content-type application/octet-stream last-modified Sun, 29 Sep 2024 11:14:01 GMT vary Accept-Encoding x-cloud-trace-context 79ead369f0baf05c91bb04f8e3cdc18c strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8cabd232ce1c59bf-MXP accept-ranges bytes content-length 29868 x-xss-protection 1; mode=block server Google Frontend
GET H2	200	WilliamTextStd-Regular.woff maddened-curler-186082.appspot.com/font/williamtext/	246 KB 246 KB	1026ms 1024ms	Font application/font-woff	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/font/williamtext/WilliamTextStd-Regular.woff Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 6dc415f1743764c2fb44cd16d108a6a1012b63a54ec44f475ae6e84f647abfd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/ Response headers server Google Frontend strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-cache-status EXPIRED etag W/"66f93679-3d714" x-content-type-options nosniff cf-ray 8cabd232cc610e42-MXP alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 251668 x-xss-protection 1; mode=block date Sun, 29 Sep 2024 12:01:53 GMT content-type application/font-woff last-modified Sun, 29 Sep 2024 11:14:01 GMT vary Accept-Encoding x-cloud-trace-context a7beb83fd28bbc9cc15df5c3e2b3233b
GET H2	200	WilliamTextStd-RegularItalic.woff maddened-curler-186082.appspot.com/font/williamtext/	291 KB 291 KB	801ms 800ms	Font application/font-woff	2607:f8b0:4006:80f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/font/williamtext/WilliamTextStd-RegularItalic.woff Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2014 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 0b39671bd2a9cffcec3c8fed2783bc2460d3abf88e9e447ef43783309c7b467b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/ Response headers server Google Frontend strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-cache-status EXPIRED etag W/"66f93679-48a40" x-content-type-options nosniff cf-ray 8cabd232a9c30dff-MXP alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 297536 x-xss-protection 1; mode=block date Sun, 29 Sep 2024 12:01:53 GMT content-type application/font-woff last-modified Sun, 29 Sep 2024 11:14:01 GMT vary Accept-Encoding x-cloud-trace-context d1af8e0f1ed7738c045caf5a1f9f0c59
GET H2	200	gtm.js Show response www.googletagmanager.com/	266 KB 88 KB	266ms 72ms	Script application/javascript	2607:f8b0:4023:1417::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N8VFP5 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1417::61 Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4d6fa47cf0b2d6fa36d6c0786a94013fe5e86e4078ee0718b94ba676bc8f26e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Sun, 29 Sep 2024 12:01:53 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:53 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89904 x-xss-protection 0 server Google Tag Manager
GET H2	200	roxot-manager.js Show response cdn-plus.roxot-panel.com/roxot-wrapper/js/	3 KB 1 KB	750ms 139ms	Script text/javascript	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn-plus.roxot-panel.com/roxot-wrapper/js/roxot-manager.js?pid=56d60cf6-fe21-45d9-9499-2f7c8fa84c36 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash ba6121f7eb96be4b0d3ee34ff87864056aea1e3c768c0f168613145703bf2f4f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache HIT cache-control max-age=600, public, s-maxage=600 content-encoding gzip access-control-allow-origin * date Sun, 29 Sep 2024 12:01:54 GMT content-type text/javascript; charset=UTF-8 x-cached-since 2024-09-29T11:55:16+00:00 server nginx x-node k12-up-gc17
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 970 B	238ms 62ms	Script text/javascript	142.251.182.105 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.182.105 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS go-in-f105.1e100.net Software ESF / Resource Hash 8ab3bc08e25f6a7e24ef75ee66ed06360bceeace487d22822d7724b3f2bbed50 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Sun, 29 Sep 2024 12:01:53 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Sun, 29 Sep 2024 12:01:53 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H3	200	0199289a5a560dda3b2813d477cf6788 www.jfqwej.net/banner/	377 KB 378 KB	524ms 356ms	Image image/png	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/banner/0199289a5a560dda3b2813d477cf6788 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ae5368fce6ba66e8dae7bcfe8f700d13e4e8232cc0499216a6b8e60196245ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "0e1e7d6211cf2a2557818f9eeb6e5d87" x-amz-version-id xARZxFkKk2Fhs9JNRhAaNcnE2654ARYw report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9vsE0jSlsXBzXOy2JgQh7LseRDZIg1lrUCTQC9e1MPBBjdnZ9x7VzOw0JA2DlnwiyremfnpGAskkY%2Bxh2BE2UxNFBvG9%2FoBjDfTbMNKcO9Ro98atxLw1THakQVPqbaVUJw%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/png last-modified Mon, 16 Sep 2024 15:59:11 GMT x-amz-id-2 qCI7b3Lo7dbm2EVXH0N/afsSyEDUCkTVAQEhuc3HJUPgr2duCE0sJE/nCSb61bFBXo4ml+zpqxpl0bezG88OWg== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id PZGBEGMGYKSQMER8 cf-ray 8cabd2307f9ba204-YYZ accept-ranges bytes content-length 386329 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	e0ccfc670e84d194ce09d485b91fa5c3_470x290 www.jfqwej.net/i/e/	22 KB 22 KB	357ms 333ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/e0ccfc670e84d194ce09d485b91fa5c3_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 806608db63da115fcd8cea62b36034ae53f4b43a9ffc19c730294c467bce1b7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "d4c3adc579f330f0e0686dee2ac06575" x-amz-version-id Q2gsVtXlvxaMFBtw9sRxFKiAa.Xfmds. report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itQzeWd08M9aGMqBIW3aO6lcead0SHH42qOLLtYTQlXN6PuzNx8Olpy%2BTPVbT3K3WxdKjCByx60tTIFMU7xJxIMkkvDE0lcjWDvPUy9tM%2FyhEF%2BXG4h4R6NtXRrZYIRMqg%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Thu, 26 Sep 2024 10:59:02 GMT x-amz-id-2 mUtc5neW22AF8PtlPlpkdeWePsmsSF35z5xHVgbUWEvwO9L+Yvy9gKkckOj9OO3nNHJib1b819Y= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id PZG7N83R2RHD1P8A cf-ray 8cabd2307f98a204-YYZ accept-ranges bytes content-length 22255 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	917dfc4e2ff097b058ca6985fb9356f5_470x290 www.jfqwej.net/i/e/	29 KB 29 KB	607ms 607ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/917dfc4e2ff097b058ca6985fb9356f5_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c289683a7da043400d0ab52fb33f22c7d1cf3dc94dd0bd3c9f3407206fd7d7c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "89246a6481bd2a46f923bdf4f0885ab5" x-amz-version-id 8a6UZafE6f0tzo7VqfaRfszE6lIRgQLT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2FSrQURcHiAYiC8QUeHGexWqcL84g3N4Duu7R8pgm50Cm5dW%2FuF1XQsR9P31WRWQijrQJZxjAqbaSE9r5LI4NQzpG%2BVN4Ajxekf%2BEwHoQ1b%2Bwzqi2iUO11JrfQF83HjAAg%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 07:21:23 GMT x-amz-id-2 Xr5GS2ealpZTcl7MtIwyVet9GV2rtnh7oiJim3G3Hek6UMeEle1W8hDIASSIb+kCqUVL9QrSTeGWrui9zi8v4OIopkwSyDHH nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK55S2GNJT02YW4 cf-ray 8cabd2332985a204-YYZ accept-ranges bytes content-length 29202 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	07054a3c58c30c1fbd31bc0a3d2c6419_470x290 www.jfqwej.net/i/e/	11 KB 12 KB	323ms 236ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/07054a3c58c30c1fbd31bc0a3d2c6419_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f1680c5b51ef255cfb3f5b487bb39710f533e29f579c28ba581e47b06a9d578 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "c3966e337c8c494bbbe5eebff782a8ae" x-amz-version-id yBywJeQKwMhQ5fx2vS0X7uRX6nqhePpP report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kpf8vkOHj4rMbEAseWY2nQDx3nl4jBNUIVmm%2Fuu0GDQmDwRzqsA2hUvRPn8cIAIbOHNqDuCOFjm7wI2zeGL3s%2FPJaWl0KnV0UL2FXGn7WAjxoOOlMnvPyul%2Bg%2Beh42ZenA%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Thu, 19 Sep 2024 14:56:26 GMT x-amz-id-2 q+q57SOZsYVuO7GWu5eZBwo1AodIiaiNlApnuFLX/FXUA6P6DRflE8XyKQFDVHZ394+XtFRZ55I= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK8ZAT6T4K0G71M cf-ray 8cabd235ab7ea204-YYZ accept-ranges bytes content-length 11628 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	97e80f0e584343541afea972c4aa957b_470x290 www.jfqwej.net/i/e/	20 KB 21 KB	328ms 240ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/97e80f0e584343541afea972c4aa957b_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fe07afaa7ece4d0a64f66d33450ebbeaa5f03bd0ff5deb9dd0cbab35c1bc2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "c232f81adf60887c4d71708045412839" x-amz-version-id U5yTw6E0jRXSRXbU_ypeU4z68rkB_0i. report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cP82aia%2FXTpHgwNjo9T8zQw4fFffkPWVDgqOBY2iIdMj9jo8P1DTqF0%2FygiXgqjPpmZmiqQanPis5RO3eq7BaO9dxXgMIw6hOlh4s%2FDM0JTyQSYYNicGcpYtjJ239Hq%2BUQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Thu, 19 Sep 2024 07:31:39 GMT x-amz-id-2 PCzciueKxZbqMmFGdPldlnFwvc1jss4DztZ7K0o+kiT4QJcbIGaY7PHwpmkIJk/aLon8SDUeRSiOquS6T2LB9q2msBltw7N5 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGKBQ5MWN5HXECZQ cf-ray 8cabd235ab87a204-YYZ accept-ranges bytes content-length 20960 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	68a084081827dbc02fb3e4ecf473eb13_470x290 www.jfqwej.net/i/e/	36 KB 37 KB	442ms 360ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/68a084081827dbc02fb3e4ecf473eb13_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acf99d48ccbed0b7a5b2fe0a952a55d7b26199fb992598d5c8c8433f1cafd50d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "3ba00f7da5cb523afbb7a735e2a72985" x-amz-version-id e.09WTTVoAFECqrCaM7oQ38glblX2K9J report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5EcID1ra7tk2LvY5uqr4zF%2BrQscTKIRXMHQIGSp5hzfdcuZxOmbRBL%2FTHu7kfVLvfkZzjH7e3lWHM2t1OeTwuBoWW5lDxkJttAZ%2B6sQTPKpK4d%2FqgIZke5laZ8Jp1ucGQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Tue, 17 Sep 2024 11:57:56 GMT x-amz-id-2 Rk1ZwKJogf2KvlLY7UrCUe6pPFjJOocEd65dHXFhLYe/BfUODJ8ip0VR+4pazbUSgVH2a1brUxU= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK8F6WER78MNHFM cf-ray 8cabd235ab8aa204-YYZ accept-ranges bytes content-length 37098 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	9dff66a24087ad49c55fd1c1dfc0ced3_470x290 www.jfqwej.net/i/e/	21 KB 21 KB	443ms 361ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/9dff66a24087ad49c55fd1c1dfc0ced3_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e22b797ef65cdab0cff3a0061f59175733abe37fcff342e2c52f9cf9d60e8cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "fa8aa16c5d50755508fcea1c52d4b07b" x-amz-version-id VTrpILJ8l75obA4CK1g.m9zu0_g94l2c report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbS%2F278yEKEuZlKiyNKFYJ7kjiyt1lVyR3nCDTo3rqn9u%2BlirwzY8MvT5EtzGjoGGNv4pLLpdqUC3BkCseP2UEwDMj3qkzS5%2BPv%2F5S9Zkf%2FYp5Ig7H8EnVabOad3H7Pyyw%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Tue, 17 Sep 2024 14:07:49 GMT x-amz-id-2 Hx0IP4Sw9A5fY1aUqGt3e2KbojfG0RPzGPuuuxdIeNNQVebGBLk+vO0bONXeGh8BBE2pT+aOq6c= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK60045KWRMZ682 cf-ray 8cabd235ab8ba204-YYZ accept-ranges bytes content-length 21292 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	a42dd73f44493c752f9345366f128a14_470x290 www.jfqwej.net/i/e/	32 KB 33 KB	439ms 349ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/a42dd73f44493c752f9345366f128a14_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9548bb9006e8d3113c60c44e50ba9e6c96040e38afccfdc6e5b45b283892308a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "b9016629dfa11fe723fd0e1d1f73b7f8" x-amz-version-id GecgBU6_6CNGEqsaRjUAZASnLCkDIjcX report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wYAXnKHtCEwl40fkuOcO%2BwNfomZzIpiyT0p%2Fuo7gdj0Cq%2FKaCrTCWjh657TnNkdIvcBC0A61Hd%2FiLfYqUCBrBqQtAyeWRWxp%2BJn8Jf3rwO0Fh5SF1Wwk%2FBioKDlfapovw%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Thu, 05 Sep 2024 05:52:10 GMT x-amz-id-2 KEX1ZOJmE5pG2gGaxW1IdyfqCyBVVFrYTP8o1iC3BvgOWnqDoUiEBg2zqxrXs24z5TpsiT6lkiZXMdOto8Rr/kFb7EOtFAu0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK8JQAN42HFNVQX cf-ray 8cabd235bb93a204-YYZ accept-ranges bytes content-length 32652 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	77bb730d574f7ccc2b0a00bcad8c5017_470x290 www.jfqwej.net/i/e/	36 KB 36 KB	414ms 325ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/77bb730d574f7ccc2b0a00bcad8c5017_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7968f7f9e9e805fb129a9ad416986785519e860275c8aac6acd29b094a3189d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "12c0068b235c94264bac71fe457aa87c" x-amz-version-id T7isyZWt_J.MFIKiXiUtWCz4YhwI.sqs report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvc2G0TMTKMfznOoAwFLooEz4Q8s7sbmTktq%2BxIo1mnTyQ4eHAGJHYclxhjRgrXUQfjrhOQ9xSyulFfsM68kT8cvKLSvWrTYZCyEorI%2BYpYe8aNQAmxsWN1WHTKUdeV2vQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Fri, 13 Sep 2024 09:02:20 GMT x-amz-id-2 LgMVOVG5fghLvh5FEE0APzVxx4RH631dhBhqupu3ubr7NfyysPHQZaLRLhlD+eVlebJ6R3eQogRLLhT8X5UPnyB5TJC5HPid nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGKF2HMA5PGT0Q1Q cf-ray 8cabd235bb94a204-YYZ accept-ranges bytes content-length 36692 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	d9886f86b01da7f89b8a646a2a3a27c0_470x290 www.jfqwej.net/i/e/	18 KB 19 KB	411ms 325ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/d9886f86b01da7f89b8a646a2a3a27c0_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eeb535843b5527cfd7b05b9d7635cd2dc148aab92c19c06689961f98488b6f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "98d99d36e91e669b683efb657c482c4d" x-amz-version-id HEyg8kejhC6cEXulhUeuB9QTpA6nAb_m report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPSm89QTCpagkqcGNqwqqWOKcrSbogZhSF08M2mePVXHtALtZB8F74%2B7KOUP5YjjyDdn%2FbY0D7KYI%2Fadqu3Tf7eUxSdkaM544FGreDlYkc7RTcVcDy09ZZRE83g0fc5PsA%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Wed, 04 Sep 2024 11:28:33 GMT x-amz-id-2 YF0AfcvkxTHy55puTbYdik4jqBdYpQo1HUFtxXvGkj6ogJiV3RDFrLWyOJdxILPkZu0QBNOAsgI= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK8TVFMDXK3G07R cf-ray 8cabd235bb96a204-YYZ accept-ranges bytes content-length 18580 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	a9a7c36abc9c0762d1b6a08dd6b33407_470x290 www.jfqwej.net/i/e/	33 KB 34 KB	434ms 351ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/a9a7c36abc9c0762d1b6a08dd6b33407_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66a4b891618300ea1342241eb85a5fef4910c59ddbd44d2590003cbcd86a53b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "9e2b50372c651b142ac81039dc3d1c26" x-amz-version-id .P.u6IG7vkMDt871EPNcDgHkwXKTBZu0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=33wSZxN5lXWEChaKixrczUQa3IYFMr08z4eEZFNl8LFUjG0ftb0g8DGzd0gSeIM8Xug%2F8tkWDRSn0Bu7CcIv2vRX0w5OKkiHodbbZAIOvtMkJLZmUVpVhEuRud3K16wU9Q%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Thu, 12 Sep 2024 08:19:55 GMT x-amz-id-2 8KO2EFyQAFz0DbMUo8QoIF73py7DFvSgxYVs3OabrYLhMLCOSP8/eshmDVA3W/0mIQ+j/jXeQZy0vY4DhsAhQccVdvejg/Gb nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK2VMTF48B0MZKN cf-ray 8cabd235bb97a204-YYZ accept-ranges bytes content-length 34160 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	85feb48137a41afde2eeff1a2f651acc_470x290 www.jfqwej.net/i/e/	29 KB 30 KB	410ms 326ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/85feb48137a41afde2eeff1a2f651acc_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1dbdf1ed9ec2290de3bf12cb49f22b47ebc746e15cabf727339c91e2b4665bd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "bc43b4fee8a5166df92c41165e09f42b" x-amz-version-id rBeRjPuHNb4gxu1gfWVIMqhrcp.sTFnG report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9LhNY4OhfIcO0wDc7wBa%2BHSdpONCIc%2BwE%2FH%2Fv9Ucip5ugF%2FjG5tGzTswspzUCBsScOXYVtzNpxeZ218yY6ekoMIJiF%2BjSuhRA1KsjBrDsHS67lffrx4izOM0QE5tovGK6A%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Tue, 10 Sep 2024 10:26:08 GMT x-amz-id-2 2XGvZYPB0ksNhcyPo81PD90I6pPSOxmsGRLk/eQfwNrhRfNMosrvJeIDLnEVVRBHYCAIJGKiTnQ= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK5ABMM91PJGP14 cf-ray 8cabd235bb98a204-YYZ accept-ranges bytes content-length 29927 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	b455a5740c2c53a03214c98c43c641b2_470x290 www.jfqwej.net/i/e/	40 KB 41 KB	456ms 373ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/b455a5740c2c53a03214c98c43c641b2_470x290 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68ac5b5d7c26c8c6fe3476e69ae238284c9e15d0247a95629909c9bb6a898762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "0e5e42a0a42e2e925dbcc0a304beafcc" x-amz-version-id iVT4zFf4HjdRlZs5m.buFSPaxkionhb4 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32LhLG7yNe%2FOGYkDzD4MUvKtwUt8670b8KSiQeeU2%2FJMu%2FNwFLCUP5t6WlE1URT0ydIjcqs%2FuzDZCft4mOtYp1nR7%2Bek8Tn6F1%2FXpc8P6WZE32TrEpIrdN0qVsBD0QQuSw%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Wed, 04 Sep 2024 20:09:25 GMT x-amz-id-2 iwQWBDgzr/zz2dzTirAfqnj/ZU1sBGcpSKRguADDS5+J9//Di0ndRs2sjQpkIIhSdjnkMCYOaP0= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK6ZNEJC7GP5YXS cf-ray 8cabd235bb9ba204-YYZ accept-ranges bytes content-length 41103 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	main.dda32616.js Show response maddened-curler-186082.appspot.com/js/	378 KB 136 KB	777ms 689ms	Script application/javascript	142.250.64.84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/js/main.dda32616.js Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.84 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f20.1e100.net Software Google Frontend / Resource Hash 2de713788f5b42d70cc3dd7d0019cd6dc5787ee3353d0c9baa7ed2b22a931f1f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66f93679-5e97a" age 931 x-content-type-options nosniff expires Sun, 29 Sep 2024 12:16:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:54 GMT x-cloud-trace-context 674c722d6f66220756468d886ce88530 content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Sun, 29 Sep 2024 11:14:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8cabd238fd4c0dff-MXP content-length 139492 x-xss-protection 1; mode=block server Google Frontend
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	105 KB 33 KB	228ms 53ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 68e8dadd924ad76c152b5ae909796ab55543fc4f430d3280aa028379a3be8999 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding br etag 916 / 19995 / m202409240101 / config-hash: 5915868342135973707 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Sun, 29 Sep 2024 12:01:53 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 32802 x-xss-protection 0 server cafe
GET H2	200	tcounter.js Show response www.tns-counter.ru/	552 B 750 B	563ms 194ms	Script application/javascript	2001:6d0:4001::226 ADFACT
General Check archive.org Show headers Download Go to Full URL https://www.tns-counter.ru/tcounter.js Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU), Reverse DNS Software ms-counter-4.4.3/1.22.1 / Resource Hash 92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers etag "63d90709-228" accept-ranges bytes content-length 552 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR" date Sun, 29 Sep 2024 12:01:53 GMT content-type application/javascript last-modified Tue, 31 Jan 2023 12:18:17 GMT server ms-counter-4.4.3/1.22.1
GET H3	200	left-arrow-slider.svg maddened-curler-186082.appspot.com/img/	1 KB 1 KB	650ms 593ms	Image image/svg+xml	142.250.64.84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://maddened-curler-186082.appspot.com/img/left-arrow-slider.svg Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.84 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f20.1e100.net Software Google Frontend / Resource Hash 29f8eb8d0d86a6acc1a8d1b064a57770c03a0d5c6821b29da723bcb07add58f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status HIT etag W/"66f8bf2f-405" age 5770 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:54 GMT content-type image/svg+xml last-modified Sun, 29 Sep 2024 02:45:03 GMT vary Accept-Encoding x-cloud-trace-context 3707ca287031d1b24506b5814263016b strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8caa758f8e7d4c4f-MXP content-length 1029 x-xss-protection 1; mode=block server Google Frontend
GET H3	200	right-arrow-slider.svg maddened-curler-186082.appspot.com/img/	1 KB 1 KB	192ms 136ms	Image image/svg+xml	142.250.64.84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://maddened-curler-186082.appspot.com/img/right-arrow-slider.svg Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.84 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f20.1e100.net Software Google Frontend / Resource Hash 7499d248f5be459c0247e96b025cf5860291b94d16cf53171008130d2fa7892c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status HIT etag W/"66f8c030-407" age 5770 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:53 GMT content-type image/svg+xml last-modified Sun, 29 Sep 2024 02:49:20 GMT vary Accept-Encoding x-cloud-trace-context 501dc72c7e08048402aae163d89d09e3 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8caa758faf21baf7-MXP content-length 1031 x-xss-protection 1; mode=block server Google Frontend
GET H3	200	6d236542635fda964b43d411783fbc81_1400x850 www.jfqwej.net/i/e/	241 KB 241 KB	530ms 474ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/6d236542635fda964b43d411783fbc81_1400x850 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdb887bac0dbcea52d4140d7ae413ef7c90b23c3923067c2040786cc866e3ffb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "5cf88dd382e306a425e66cd80f5453ed" x-amz-version-id 2AGzhcoTSSD7Wln.L4KHXRfr1XlIoST6 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7uYR4%2BohL81HgsfuKD7Au4UT1NckIkS%2B1jATWNxEu6bJ4csfHbBtp92nBTP1bi4Oyng%2F3byFBMddRuSgFMgylcP5giukbgixk6FMi7VCrqgYTHDJPTQ2Fvj%2FtD8%2BNH66Q%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Sat, 24 Feb 2024 06:25:22 GMT x-amz-id-2 U8jLFoxwhhvyGAjkTMTxlg8m0wJlwwVXKS1K10P4PNV8LtW+/501ERxgVRiuxbFXaHHVC5ai4qrI3m0SfaR2Hw== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK2B3GV2XCZA0HF cf-ray 8cabd235bb9ca204-YYZ accept-ranges bytes content-length 246338 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	29e65b6d01c6480e04260f3629310748_1400x850 www.jfqwej.net/i/e/	143 KB 144 KB	555ms 519ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/29e65b6d01c6480e04260f3629310748_1400x850 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4d08ba17819503177483f2b8fee628d52cf3f5457a318913919d1e1bd861e95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "1b3288d21638e1b8b54a9f1fa6551687" x-amz-version-id h7FEfO29QlxpkWMumxYlIaVwsd0UL1wN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlzKttR%2BPHuDIjRKYBgA2DlOoUuWA0lFtdafQ%2Bq6P5wJnFhALIaLkptKgnMAKJxaoOguz0LpytLVRPG8Z%2BI%2FbJQkc%2FLLHwpzpT2evoa9K%2BucEyyUMdifIcWvRqV0dMD0Gw%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Fri, 27 Sep 2024 10:08:25 GMT x-amz-id-2 djqM3p7Z3Ra7q/BADJ7QJ7KSvrhFKAsv4ZG6prguNGLooWWhcpTfYhebvDubJFKbyfaC0TQxIfs= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGKBN665A9A3MXFF cf-ray 8cabd2363bf6a204-YYZ accept-ranges bytes content-length 146421 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	686703a3c76bab3ad08cf64ce971650a_1400x850 www.jfqwej.net/i/e/	215 KB 216 KB	570ms 543ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/686703a3c76bab3ad08cf64ce971650a_1400x850 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08853a5a34c204d9629186bfc9ed3baff768de4a768d7e5d3045d793cdbe992e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "356a991ea6e382de357b60a26ff9470d" x-amz-version-id i2I4tnS3Z5rMMjLKBcDdNOaaJjDBrIyz report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09Pe958Fvaowk6LMQWb9d1wMK0W6dL6h0KidJALK%2BT3xEJcMbfLDQvhy6z5Pbkl%2B7wM4xEofSWkaEwhAtmRbf1rklm4SbG0DDknvAeMVeqGATPy%2BMoEmQM3DLC4xOP%2BWbg%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Fri, 27 Sep 2024 12:39:20 GMT x-amz-id-2 eGcqdA1P8oJhoXPkCJF+6Yijv18OmuXiNZ4+kR4GfC2KDnIq/dOTbuCvkRWV5UdpsmcGjgq7EyUofhBYidynZsZVjGcf0GHK nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGKDA3RGM5ED6P26 cf-ray 8cabd2363bf8a204-YYZ accept-ranges bytes content-length 220488 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	7735c947af2eb83bbabc02ca02dd739e_1400x850 www.jfqwej.net/i/e/	184 KB 185 KB	828ms 801ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/7735c947af2eb83bbabc02ca02dd739e_1400x850 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8feae957440e760fdc2c45db6b1999d0879836d682b64e8b10b68753606fc410 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "b5b47444d743e179d1b57e05d7717a84" x-amz-version-id scH73m2VFu.lRz_kLaMtlpkn.06rayJm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2s7%2BJPs3KlCmyXC2%2BIbIQAoYEAAQG8vzQFtUE%2FWJ8Oq9SsBAqlQDcggGXUvQBuXQrS0we4JFCG9iT0RtA084xSduFG6TferZ%2B%2F5rJZsHaPM67ewbm%2FwGnDqZ6HIwtG5btg%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 11:57:23 GMT x-amz-id-2 XlpARhDR2a74cPHGRZXCiQ6oOZ1HwuE5yPmzHbmwoAZ/uCXlv/XSfHRkt+MQRozGY3s0IheGVbc= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK2H7M30BREMGEZ cf-ray 8cabd2363bf9a204-YYZ accept-ranges bytes content-length 188506 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	9dfae322a413cafd0825dca2128054b3_810x500 www.jfqwej.net/i/e/	78 KB 79 KB	924ms 897ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/9dfae322a413cafd0825dca2128054b3_810x500 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash faf65e667930443571c0eedba547ba6ae22c28541368280b606af9516fe17bb2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "005678654627525036a963fdd22f3633" x-amz-version-id 3V2M.2a1OYWGXuxlQTzyzR8pMXC9Erea report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPB4Y72sZ4lmrpziD7hyrM2TQMxueYhRugeU00YV4gNUnGtJIUa1%2FKzkWkSg7MROtbkzscWQKihMgVbGS5rMaAz4SxcZySYzXrw2wYjmo8YdWgiFb2t7zzZtto%2ByQ77AgA%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Wed, 18 Sep 2024 10:44:35 GMT x-amz-id-2 cYnJxDkssOV7+ZfiiaFN0yftk1BnpsczwNQ2woDEG7Vg8Y5+BVPq/s896J6fER2nlO3h88hQTP9f8TOXuYz8hYd2d1D99Blk nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGKAFMXE6N0T8YGF cf-ray 8cabd2363bfda204-YYZ accept-ranges bytes content-length 80243 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	f354091de061c7325ac02e178758b8ac_810x500 www.jfqwej.net/i/e/	43 KB 44 KB	433ms 406ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/f354091de061c7325ac02e178758b8ac_810x500 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c1b839b7fde83ebfb7004fb5625e6a1beff9d112d4a3dec5cc67af5e5ef8ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "5f260a9d8fbbc1edbc82d5fdbf70ccb8" x-amz-version-id da_6DOXGFxPWpfPbelcZaBX5Yul_XAhM report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVDgDae2rzmtnOOZ4VcBcc9iOFlW4ZEKfjXCQaMyimtkgenLRoKSF9T1FmXDDA6%2BE0EJxjuM5B0Gs9PqG%2BDjHY1n4tgty4FL%2BDAKvSGDoXnToXMEWRQXJ2nQ3qaevBQluA%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Thu, 12 Sep 2024 16:40:49 GMT x-amz-id-2 0QoCQBnfRU9U0Zl/pHeJCget027dXpiJxGvsNi50eIix9qMUCoR1PGfr6buMKkxvhMEym75/60f9l6/JM4eMX4ANq6e+k7qg nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGK54TFM0HKDACZ7 cf-ray 8cabd2363bffa204-YYZ accept-ranges bytes content-length 44100 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	90ed696863f61c96f0e4f79f9bca9745_810x500 www.jfqwej.net/i/e/	94 KB 95 KB	969ms 943ms	Image image/jpeg	172.67.171.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.jfqwej.net/i/e/90ed696863f61c96f0e4f79f9bca9745_810x500 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.216 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a750f2f8c9b8fb3ff90b3c75984b461ef697586c8933fa23a11475872702340 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC etag "3f6d1ba51be97ac3db54be82abcd5a5c" x-amz-version-id Eww7moWKrqx4S2pqeP1RAnKc3CxOWT.G report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBQMabOBAdaox529Sa3FOQkp3zNoXKhbWegv33Iedux0jtPDfmO4pYFDHKoC6AO%2BxmEuD5P5ht%2BRnpzVl2aF7veCVOS%2FCmtaet4OKl1L%2Fr079zHhhVnL2R8NsRq93EnYKg%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff date Sun, 29 Sep 2024 12:01:53 GMT content-type image/jpeg last-modified Mon, 02 Sep 2024 08:33:56 GMT x-amz-id-2 oYipj8itq4Lz9XvP3wWVLrCKa/s63+dDfAYnomPuWbI+9sPevsww4sZplKzcL9kLwqqe0beR+SCGpK6Cc3ThTQ== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id AGKFTB2J1G0KS08D cf-ray 8cabd2363c00a204-YYZ accept-ranges bytes content-length 96319 x-xss-protection 1; mode=block server cloudflare x-amz-server-side-encryption AES256
GET H3	200	Graphik-Medium-Cy-Web.woff maddened-curler-186082.appspot.com/font/	63 KB 63 KB	658ms 658ms	Font application/font-woff	142.250.64.84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/font/Graphik-Medium-Cy-Web.woff Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/css/main.a948ce542262258e.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.84 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f20.1e100.net Software Google Frontend / Resource Hash 59e00c861449720b83694c29302ac430f85ef3016a46f0ca36f1795e23a40d48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/css/main.a948ce542262258e.css Response headers cf-cache-status HIT etag W/"66f8bf2f-fb70" age 4893 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:54 GMT content-type application/font-woff last-modified Sun, 29 Sep 2024 02:45:03 GMT vary Accept-Encoding x-cloud-trace-context 2dd9bf8eab552ac138831bc71f155a83 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8cabd23a1e520dfa-MXP content-length 64368 x-xss-protection 1; mode=block server Google Frontend
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/	539 KB 213 KB	106ms 51ms	Script text/javascript	142.250.123.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS gh-in-f94.1e100.net Software sffe / Resource Hash b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://maddened-curler-186082.appspot.com Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding gzip age 503404 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Tue, 23 Sep 2025 16:11:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 23 Sep 2024 16:11:49 GMT last-modified Mon, 23 Sep 2024 04:00:50 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 218137 x-xss-protection 0 server sffe
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409240101/	478 KB 149 KB	95ms 32ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409240101/pubads_impl.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 35e9ccb1d2b7a55ac143b6ba8704e240ae9217d76f1db2cb735501af0b5eb765 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding br etag 11534241471022370290 age 2043 x-content-type-options nosniff expires Mon, 29 Sep 2025 11:27:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Sun, 29 Sep 2024 11:27:50 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 152927 x-xss-protection 0 server cafe
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	82 B 91 B	101ms 46ms	XHR application/json	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=maddened-curler-186082.appspot.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash f809911033039c62ecae24818fb27478908ac4de54c4bdb61d4bbae523e84af2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Sun, 29 Sep 2024 12:01:53 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 66 date Sun, 29 Sep 2024 12:01:53 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	js Show response www.googletagmanager.com/gtag/	328 KB 107 KB	177ms 174ms	Script application/javascript	2607:f8b0:4023:1417::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-MQ4BHWPRFV&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8VFP5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1417::61 Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8ccb4c7aae0fed4fa16a320495b8074b2f5d235a3d9b7d27fe0f58473fd59c8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sun, 29 Sep 2024 12:01:53 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:53 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 109097 x-xss-protection 0 server Google Tag Manager
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	217ms 40ms	Script text/javascript	2607:f8b0:4023:1402::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8VFP5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1402::8b Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding gzip age 5168 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Sun, 29 Sep 2024 12:35:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 10:35:46 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	226 KB 58 KB	149ms 116ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Sun, 29 Sep 2024 12:01:53 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4443, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug +4AaNsYnveGXAvbsnyfWKQIJeecEw8MdGw8Zu/xzZzV236pBci5whZeni/ZTmSvC5yI3vlruWAYjm7t8hfCwXg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-fb-optimizer 0 document-policy force-load-at-top content-length 59131 x-xss-protection 0
GET H2	200	764586231 www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/ Redirect Chain https://www.tns-counter.ru/V13a***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/764586231 https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/764586231	43 B 297 B	145ms 140ms	Image image/gif	2001:6d0:4001::226 ADFACT
General Check archive.org Show headers Download Go to Show image Full URL https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/764586231 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Server 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU), Reverse DNS Software ms-counter-4.4.3/1.22.1 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * pragma no-cache expires Thu, 01 Jan 1970 00:00:01 GMT content-length 43 date Sun, 29 Sep 2024 12:01:54 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server ms-counter-4.4.3/1.22.1 Redirect headers strict-transport-security max-age=2678400 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate location https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/764586231 timing-allow-origin * pragma no-cache expires Thu, 01 Jan 1970 00:00:01 GMT content-length 0 date Sun, 29 Sep 2024 12:01:54 GMT content-type image/gif server ms-counter-4.4.3/1.22.1
GET H3	200	1772702523170584 Show response connect.facebook.net/signals/config/	68 KB 13 KB	79ms 79ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1772702523170584?v=2.9.169&r=stable&domain=maddened-curler-186082.appspot.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash bcfb3ee85b9695f251144200a4617b5cc6b8345096e52166f954961a585b4f68 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Sun, 29 Sep 2024 12:01:54 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=35, rtx=0, c=74, mss=1232, tbw=67243, tp=62, tpl=0, uplat=54, ullat=0 pragma public x-fb-debug Kn/LEGa++4bwlgK8xb27/VD9zfg9cKB8g/kV4eyNo5ehfW38tBz5+x2Ciu7K/vZIDX+sdxXQXeE45apBXUZEyA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 434 B	56ms 55ms	XHR text/plain	2607:f8b0:4023:1402::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1039753179&t=pageview&_s=1&dl=https%3A%2F%2Fmaddened-curler-186082.appspot.com%2F&ul=en-ca&de=UTF-8&dt=%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0%D0%B7%D0%BE%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=226983121&gjid=1819526071&cid=45433187.1727611314&tid=UA-71413026-1&_gid=1379084163.1727611314&_r=1&_slc=1&gtm=45He49p0n71N8VFP5v72229179za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&z=1066757837 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1402::8b Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://maddened-curler-186082.appspot.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:54 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://maddened-curler-186082.appspot.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 3 server Golfe2
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame F8BF	0 0	82ms 31ms	Document text/html	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409240101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://maddened-curler-186082.appspot.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1294 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 29441 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 29 Sep 2024 11:40:20 GMT expires Sun, 29 Sep 2024 12:30:20 GMT last-modified Mon, 23 Sep 2024 19:43:02 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect analytics.google.com/g/	0 0	150ms 48ms	Fetch text/plain	2001:4860:4802:34::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-MQ4BHWPRFV&gtm=45je49p0v9103513916z872229179za200zb72229179&_p=1727611313430&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=45433187.1727611314&ecid=987853868&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1727611314&sct=1&seg=0&dl=https%3A%2F%2Fmaddened-curler-186082.appspot.com%2F&dt=%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0%D0%B7%D0%BE%D0%BD%D0%B0&en=page_view&_fv=1&_ss=1&tfd=2328 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-MQ4BHWPRFV&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://maddened-curler-186082.appspot.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:54 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 567 B	154ms 53ms	Ping text/plain	2607:f8b0:4023:1404::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MQ4BHWPRFV&cid=45433187.1727611314&gtm=45je49p0v9103513916z872229179za200zb72229179&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-MQ4BHWPRFV&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://maddened-curler-186082.appspot.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:54 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame 790C	0 0	230ms 156ms	Document text/html	2607:f8b0:4023:1407::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-MQ4BHWPRFV&gacid=45433187.1727611314&gtm=45je49p0v9103513916z872229179za200zb72229179&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=653041406 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-MQ4BHWPRFV&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1407::9b Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://maddened-curler-186082.appspot.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 29 Sep 2024 12:01:54 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	222ms 163ms	Image image/gif	142.251.177.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MQ4BHWPRFV&cid=45433187.1727611314&gtm=45je49p0v9103513916z872229179za200zb72229179&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1661593889 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.177.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS yucmhac-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sun, 29 Sep 2024 12:01:54 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	common-engine.js Show response cdn.skcrtxr.com/wrapper/js/	530 KB 129 KB	615ms 159ms	Script text/javascript	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-48df6e69-08b8-492a-88d8-42cca1c9e880 Requested by Host: cdn-plus.roxot-panel.com URL: https://cdn-plus.roxot-panel.com/roxot-wrapper/js/roxot-manager.js?pid=56d60cf6-fe21-45d9-9499-2f7c8fa84c36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash d8ddad60101ca96c520e63abd236882de086f7d226ee5b28b7f1ab3c9c969178 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache HIT cache-control max-age=31536000, public, s-maxage=31536000 content-encoding gzip access-control-allow-origin * date Sun, 29 Sep 2024 12:01:55 GMT content-type text/javascript; charset=UTF-8 x-cached-since 2024-09-23T08:44:48+00:00 server nginx x-node m9-up-gc8
GET H2	200	/ www.facebook.com/tr/	0 274 B	94ms 28ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1772702523170584&ev=PageView&dl=https%3A%2F%2Fmaddened-curler-186082.appspot.com%2F&rl=&if=false&ts=1727611314573&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=4126&fbp=fb.2.1727611314570.612828145710692571&ler=empty&cdl=API_unavailable&it=1727611314133&coo=false&exp=f0&rqm=GET Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2814, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sun, 29 Sep 2024 12:01:54 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	152ms 88ms	Image image/png	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1772702523170584&ev=PageView&dl=https%3A%2F%2Fmaddened-curler-186082.appspot.com%2F&rl=&if=false&ts=1727611314573&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=4126&fbp=fb.2.1727611314570.612828145710692571&ler=empty&cdl=API_unavailable&it=1727611314133&coo=false&exp=f0&rqm=FGET Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420034094082168779"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 29 Sep 2024 12:01:54 GMT content-type image/png vary Accept-Encoding x-fb-debug mhhpviNBqEVhyfSt5BN3QtmRUSmUtRtP/NEtKqnY6rYV6DreZk21Xb+fpKscPjEdKzgyD16cRXXkDoxnMybt3g== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420034094082168779", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=17, mss=1297, tbw=3132, tp=-1, tpl=-1, uplat=60, ullat=0 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	campaigns Show response rsm.zona.media/	2 B 259 B	324ms 262ms	XHR text/plain	2606:4700:10::6816:bd0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rsm.zona.media/campaigns?rnd=979 Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/js/main.dda32616.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:bd0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept */* Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status DYNAMIC access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS cf-ray 8cabd23d2f89a2d8-YUL access-control-allow-origin * content-length 2 date Sun, 29 Sep 2024 12:01:54 GMT content-type text/plain; charset=utf-8 server cloudflare access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H3	404	ajax-loader.gif maddened-curler-186082.appspot.com/css/	548 B 548 B	738ms 738ms	Image text/html	142.250.64.84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://maddened-curler-186082.appspot.com/css/ajax-loader.gif Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/css/main.a948ce542262258e.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.84 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f20.1e100.net Software Google Frontend / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/css/main.a948ce542262258e.css Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 content-encoding gzip cf-cache-status EXPIRED cf-ray 8cabd2405a1f0dfa-MXP alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 176 date Sun, 29 Sep 2024 12:01:55 GMT content-type text/html vary Accept-Encoding, Accept-Encoding server Google Frontend x-cloud-trace-context e09ed479b9d5189f338cd27e9e84523c
GET H2	200	dynamic.js Show response cdn.skcrtxr.com/wrapper-builder/56d60cf6-fe21-45d9-9499-2f7c8fa84c36/	0 88 B	162ms 162ms	Script text/javascript	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.skcrtxr.com/wrapper-builder/56d60cf6-fe21-45d9-9499-2f7c8fa84c36/dynamic.js?host=maddened-curler-186082.appspot.com&v=d-1643721057__s-48df6e69-08b8-492a-88d8-42cca1c9e880 Requested by Host: cdn.skcrtxr.com URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-48df6e69-08b8-492a-88d8-42cca1c9e880 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache HIT cache-control max-age=31536000, public, s-maxage=31536000 content-encoding gzip access-control-allow-origin * date Sun, 29 Sep 2024 12:01:55 GMT content-type text/javascript; charset=UTF-8 x-cached-since 2024-09-26T16:17:01+00:00 server nginx x-node m9-up-gc69
GET H2	200	sync Show response skcrtxr.com/user-sync-api/	70 B 428 B	1187ms 179ms	XHR application/json	51.250.75.211 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://skcrtxr.com/user-sync-api/sync Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/js/main.dda32616.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.250.75.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash aaf97b2764b65538365bd6a260fa934f5bd709556d6d7d043520b7dc5e6ea0bb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control max-age=600, public, s-maxage=600 content-encoding gzip access-control-allow-credentials true access-control-allow-methods GET, OPTIONS access-control-allow-origin https://maddened-curler-186082.appspot.com date Sun, 29 Sep 2024 12:01:56 GMT content-type application/json server ycalb access-control-allow-headers *
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	38 KB 15 KB	134ms 27ms	Script application/x-javascript	2600:9000:24f1:f400:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f1:f400:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cache-control max-age=86400 content-encoding gzip etag W/"665fad8c-9895" age 3118 cross-origin-resource-policy cross-origin via 1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront) expires Mon, 30 Sep 2024 11:09:57 GMT x-cache Hit from cloudfront x-amz-cf-id ZBUuKfqq2vx8ccwQbni01r8vyZnyI2HA9foVgD6fM7_jenh7XYvJCw== date Sun, 29 Sep 2024 11:09:57 GMT content-type application/x-javascript last-modified Wed, 05 Jun 2024 00:13:00 GMT server nginx x-amz-cf-pop JFK50-P4 vary Accept-Encoding
GET H3	200	favicon.ico maddened-curler-186082.appspot.com/s/favicon/mz/	1 KB 1 KB	596ms 595ms	Other image/x-icon	142.250.64.84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/s/favicon/mz/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.84 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f20.1e100.net Software Google Frontend / Resource Hash 4ba9d76063e8f25347a57db7d567243d1d69e4c4dd0eb78999ca6ffffcba707a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status EXPIRED etag W/"66f8bf2f-47e" x-content-type-options nosniff expires Sun, 29 Sep 2024 08:41:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:56 GMT content-type image/x-icon last-modified Sun, 29 Sep 2024 02:45:03 GMT vary Accept-Encoding x-cloud-trace-context 06b12448095db87ccf25a2cfe8cf4515 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8caa806f58f30d6c-MXP content-length 1150 x-xss-protection 1; mode=block server Google Frontend
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	635ms 35ms	Image image/gif	54.84.29.112 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=zona.media&p=%2F&u=BcYlUpCXqCAnCxBGnq&d=maddened-curler-186082.appspot.com&g=65540&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7532&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fmaddened-curler-186082.appspot.com%2F&b=3688&t=Bgs6TT97J_korkyDCnhKjGC0LZQt&V=147&i=%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0%D0%B7%D0%BE%D0%BD%D0%B0&tz=420&sn=1&sv=Cgfm1SDM2tzABeTZrRDRKZ02DYrGNe&sr=external&sd=1&im=06532c43&_ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.84.29.112 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-84-29-112.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers expires 0 cache-control no-cache, no-store, must-revalidate content-length 43 date Sun, 29 Sep 2024 12:01:56 GMT pragma no-cache content-type image/gif cross-origin-resource-policy cross-origin
GET H3	200	favicon-32x32.png maddened-curler-186082.appspot.com/s/favicon/mz/	347 B 372 B	590ms 586ms	Other image/png	142.250.64.84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maddened-curler-186082.appspot.com/s/favicon/mz/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.84 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f20.1e100.net Software Google Frontend / Resource Hash f55ed36047f431927c4c9b605df69f9bb85f98211602c85f2a867a6d2d22a76b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://maddened-curler-186082.appspot.com/ Response headers cf-cache-status EXPIRED etag "66f92b16-15b" x-content-type-options nosniff expires Sun, 29 Sep 2024 11:10:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 12:01:57 GMT content-type image/png last-modified Sun, 29 Sep 2024 10:25:26 GMT vary Accept-Encoding x-cloud-trace-context 425caa87f69f4baa7c9c236db93d80b5 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=7200 cf-ray 8cab5ace1bd50e21-MXP accept-ranges bytes content-length 347 x-xss-protection 1; mode=block server Google Frontend
OPTIONS H2	200	cf rpc.skcrtxr.com/ Frame	0 0	624ms 154ms	Preflight text/plain	158.160.49.136 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://rpc.skcrtxr.com/cf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.49.136 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://maddened-curler-186082.appspot.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers * access-control-allow-origin https://maddened-curler-186082.appspot.com content-length 16 content-type text/plain; charset=utf-8 date Sun, 29 Sep 2024 12:01:56 GMT server ycalb
POST H2	200	cf Show response rpc.skcrtxr.com/	15 B 54 B	155ms 153ms	Fetch text/plain	158.160.49.136 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://rpc.skcrtxr.com/cf Requested by Host: maddened-curler-186082.appspot.com URL: https://maddened-curler-186082.appspot.com/js/main.dda32616.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.49.136 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://maddened-curler-186082.appspot.com/ Response headers access-control-allow-origin https://maddened-curler-186082.appspot.com content-length 15 date Sun, 29 Sep 2024 12:01:56 GMT content-type text/plain; charset=utf-8 server ycalb access-control-allow-credentials true access-control-allow-headers *