urlscan.io logo urlscan.io
SecurityTrails logo

rj.xpdbk.com Open in urlscan Pro
2606:4700:3033::6815:190e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rj.xpdbk.com/
Effective URL: https://rj.xpdbk.com/
Submission: On May 22 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3033::6815:190e, located in United States and belongs to CLOUDFLARENET, US. The main domain is rj.xpdbk.com.
TLS certificate: Issued by GTS CA 1P5 on May 15th 2024. Valid for: 3 months.
This is the only time rj.xpdbk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:3033::6815:190e (United States)

ASN13335 (CLOUDFLARENET, US)
rj.xpdbk.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    172.67.221.143 (United States)

ASN13335 (CLOUDFLARENET, US)
rj.xpdbk.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
pagead2.googlesyndication.com
4    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
fundingchoicesmessages.google.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
14 xpdbk.com
rj.xpdbk.com
112 KB
7 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
186 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
191 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
252 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
28 8
Domain Requested by
14 rj.xpdbk.com 1 redirects rj.xpdbk.com
static.cloudflareinsights.com
7 fundingchoicesmessages.google.com rj.xpdbk.com
pagead2.googlesyndication.com
2 fonts.gstatic.com rj.xpdbk.com
2 pagead2.googlesyndication.com rj.xpdbk.com
pagead2.googlesyndication.com
1 fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com rj.xpdbk.com
1 www.googletagmanager.com rj.xpdbk.com
28 8

This site contains no links.

Subject Issuer Validity Valid
rj.xpdbk.com
GTS CA 1P5		 2024-05-15 -
2024-08-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://rj.xpdbk.com/
Frame ID: 090E9265F1973CE4DCC48D9F386CB4BA
Requests: 26 HTTP requests in this frame

Frame: https://rj.xpdbk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: 37644C8340B012CFD117F86B2129E736
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

雷锋软件下载站

Page URL History Show full URLs

  1. http://rj.xpdbk.com/ HTTP 307
    https://rj.xpdbk.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

28
Requests

96 %
HTTPS

70 %
IPv6

8
Domains

8
Subdomains

10
IPs

2
Countries

774 kB
Transfer

2061 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rj.xpdbk.com/ HTTP 307
    https://rj.xpdbk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://rj.xpdbk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://rj.xpdbk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rj.xpdbk.com/
Redirect Chain
  • http://rj.xpdbk.com/
  • https://rj.xpdbk.com/
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05dbe8ca7940331b32eed06d014d379fe67cc5b92b59ca010188034a1cefef0c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
887b3854c8751d86-FRA
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp require-corp
date
Wed, 22 May 2024 07:51:16 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMYhrFFMN6eiH8PKrON1VUoD0Qu7xivGAyQgD2Cnc%2Fkm%2FK%2BF9OJfs5syfBss1PA6JHwmc4u1Fd67SvflXP0nzkZo2dZhvRk48UVLAGPeU2pFBJxjGwVJzB9UNoKrDtML2oVUepQyvUgyXWs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN DENY
x-xss-protection
1; mode=block 0

Redirect headers

Location
https://rj.xpdbk.com/
Non-Authoritative-Reason
HttpsUpgrades
style.css
rj.xpdbk.com/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/css/style.css
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58c4baadbcdb8784c6417a710d2de380d7ba9bb00093e3eb204d97dd30d66ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
etag
W/"221f1efba57dcc0709f3570388404a2a"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgudjDE0pTmyXwjEXhc969yLFlNV1IB813XWsz3KGGm9KzlPy8vjnJt%2B5vKQzoqRohxIIldnyYW5VdZMWDpigJDfV0bH%2BSd8gO7l6v6jvazlN0053uAe4m3a5REFpNkvz0oUDwUxZfJY0Xk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
x-frame-options
SAMEORIGIN, DENY
cf-ray
887b38560a881d86-FRA
js
www.googletagmanager.com/gtag/ 		302 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3Z93D2VBZ4
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba606b66ad1713f1edd2ef4ff50f9bf23336b98ad139bddabcf218951f2e3cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102331
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 May 2024 07:51:16 GMT
Spacedesk.png
rj.xpdbk.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rj.xpdbk.com/img/Spacedesk.png
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a0e2b67b4f0ed322e1e775d307662b568467915d9e78f63a4ae7d20acc4af1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
content-length
6749
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
etag
"fd8c2437576a831325b0f7cdc32b54e8"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FVX0JsXgvWAuKMDMbXeeU0dPQTwwiRIjnJ82xmCqPztunD%2FwA1QYiiiYf%2FzUGje68tWGD9f0v%2Fxc9XI0apZSGspf57TI%2FrlcISTxOy1oDGfAgoAygwu5XiK1ckRVaTxakCVAxRFl%2BJMr08%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
x-frame-options
SAMEORIGIN, DENY
accept-ranges
bytes
cf-ray
887b38560a8b1d86-FRA
vmos.png
rj.xpdbk.com/img/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rj.xpdbk.com/img/vmos.png
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
725512785d563a7abddf4860d78af1c6f87493e409c032942ceddfda16ff4ce0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
content-length
22740
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
etag
"09dde1d0e1b1d7af7b0968fd86429d86"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nb1yL6Ntae2V%2FHWhAZE2L8G0i4chjXoB2V%2BLu2XvnDienlapgam00DbDo2SmvogKlI3HtbjmG9iJ%2F2l04Zo%2FK0Euwo1wkXbl2Vwti%2FOkUR1EEx2Pq6YehCOp84IyCZ%2BaCj6In%2FIaBwCLZdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
x-frame-options
SAMEORIGIN, DENY
accept-ranges
bytes
cf-ray
887b38560a8c1d86-FRA
nodejs-logo.png
rj.xpdbk.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rj.xpdbk.com/img/nodejs-logo.png
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
554d66b3f3f0f27bf7261e5a4880b8b9448ae41136be31d3718ddd92676b79c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
content-length
3840
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
etag
"c5fc3394cf4a611fea6d95f43a018856"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2F1pXciyuuLamljz8L8T8YOjHHK7MBunyZXJdHj9koO%2B2iU4ZoMUvpSFYY39oXSWYAfY2cc7zEdm5ZInLF%2B47KJu0g1YfCP1wcVl1J8K2PHdbI3Zy5%2BzCckS%2Fj84Xa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
x-frame-options
SAMEORIGIN, DENY
accept-ranges
bytes
cf-ray
887b3856a9282c56-FRA
priority
u=2,i
menu.js
rj.xpdbk.com/js/ 		723 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/js/menu.js
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7df5597d8d0a6669262b56cf82be299f1e6313a1a5190e8f4249f0f20fd3129
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
etag
W/"484e649b38009bb4915d886aa6df062a"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bxbt3ABTtBOjrIn0Yav18nswDeEWME%2FWjomkKdVCg0fibCnbo4Qgnb7mK7N6eVNFHhdcccTtY63%2FqLF5KEBC09yXI0xPIHUDfvkRB2BqP2C3Lbg6HtuTQIZntAhDZss%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
x-frame-options
SAMEORIGIN, DENY
cf-ray
887b3856a9302c56-FRA
priority
u=3,i=?0
vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Origin
https://rj.xpdbk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
887b38571f5a5d46-FRA
normal.woff2
rj.xpdbk.com/cf-fonts/s/open-sans/5.0.20/latin/700/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/cf-fonts/s/open-sans/5.0.20/latin/700/normal.woff2
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Origin
https://rj.xpdbk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
content-length
18232
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yutbSSynRBv%2Fb%2BW0Uzn%2BxMBDtd44eFs8X%2FCsc1owYmA8dFPJEkXd9OrO7mfX0%2B9B7ig%2Fy9lrADH4bYVgB7G%2FchKgK5d1v8mmFzUM4%2B4GODVNn9Vu4qfJegv3UVH1Q4s%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN, DENY
cache-control
public, max-age=31536000, immutable
cf-ray
887b3856d95e2c56-FRA
priority
u=0,i=?0
normal.woff2
rj.xpdbk.com/cf-fonts/s/open-sans/5.0.20/latin/400/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/cf-fonts/s/open-sans/5.0.20/latin/400/normal.woff2
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Origin
https://rj.xpdbk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
content-length
18664
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLsIkdSHHv9EjThOButWze2byG%2BuU1lO1zJPLo74MawQDINCZypDuuqTX0IVuC%2Byf0jY0PrZzOvkMuTJTG0pdsRO6JWg%2FOnyidfcnZ263RO9wrqJexM%2FG6umLMikiEE%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN, DENY
cache-control
public, max-age=31536000, immutable
cf-ray
887b3856d9602c56-FRA
priority
u=0,i=?0
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3Z93D2VBZ4&gtm=45je45k0v9177380742za200&_p=1716364276256&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=435412003.1716364276&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716364276&sct=1&seg=0&dl=https%3A%2F%2Frj.xpdbk.com%2F&dt=%E9%9B%B7%E9%94%8B%E8%BD%AF%E4%BB%B6%E4%B8%8B%E8%BD%BD%E7%AB%99&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=false&tfd=449
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3Z93D2VBZ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 22 May 2024 07:51:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rj.xpdbk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
rj.xpdbk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame 3764
Redirect Chain
  • https://rj.xpdbk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://rj.xpdbk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fccdcbc907f362d2212d66808653d77e633df7fa1721dc0f030c80307ae554fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTteAiaduHwSuAKGFRGGVeBjRQ1kL0V6p3d5V5Uv867iWplDQk2Y5oMPNCg3mw7O7wux%2FGuzHvQiV9NbsAipPdExe%2BESpE7dZw5zOTETdWjXyZUtKZn48gY%2FKqzT4jU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN, DENY
cache-control
max-age=14400, public
cf-ray
887b3857ca6c2c56-FRA
priority
u=3,i=?0

Redirect headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RPlYOh63aXYBw3M%2FUxNgfk8N%2BA5oZ3BtHTJx32AUC4ChBIG9Nm97tsIuxz9F36eIK5PDQGnmv%2BItVXgBFRIQBCQbDUSR9OsPar0IeqVUrWYLplmkc4i2799UssI%2BNWs%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
x-frame-options
SAMEORIGIN, DENY
cf-ray
887b38579a342c56-FRA
priority
u=3,i=?0
s2e.js
rj.xpdbk.com/gdizfu/xp5dw2/ 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/gdizfu/xp5dw2/s2e.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJUU5JTlCJUI3JUU5JTk0JThCJUU4JUJEJUFGJUU0JUJCJUI2JUU0JUI4JThCJUU4JUJEJUJEJUU3JUFCJTk5JTIyJTJDJTIyeCUyMiUzQTAuODUyMjc1OTQxMDk3MzM3MSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcmoueHBkYmsuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMCUyMiUyQyUyMi0lMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q=
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e898441c132b8611a787d8170850bf4ce282523246f34498be051c40662a6edb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://rj.xpdbk.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6y%2BAW%2FFeTfJYWRp1kr5i4dOBTdi3eLp%2BAlWTyR4wrN04NPK6eAcKymkvmhCRpPN1JlS3d9RJPDA5Kk2giKOhJTWypyO%2BsqUPnDijGVhKVqw85iDvkGaictCGoREXwbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
x-frame-options
SAMEORIGIN, DENY
access-control-allow-credentials
true
x-robots-tag
none
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
priority
u=3,i=?0
cf-ray
887b38579a352c56-FRA
887b3854c8751d86
rj.xpdbk.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3764 		0
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/cdn-cgi/challenge-platform/h/b/jsd/r/887b3854c8751d86
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN, DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O0QGJINh7Gf0qJNedo5gpALGRKTEMhLugq6zwy2%2BrdBSLI2xQ5zIVyNhS1lS4tLpyDB%2BbZOuF9%2BZxlrmQfrAhfbekUjfNWai3d339mQ%2FwisJp4Gq0gNbAR9q4Km3JmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
887b38585ad72c56-FRA
priority
u=1,i
pub-1246136685364828
fundingchoicesmessages.google.com/b/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-1246136685364828
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59d81a11e5b5445352995778be58b3a9b1373899ec8b4486238c3c0f984bd8c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5avG9Ux_711ZaDQGOANvrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-5avG9Ux_711ZaDQGOANvrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxEI8HF-Ob9vEJrDj0IUFTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqZGBnoGZvEFBgCoBkPl"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pub-1246136685364828
fundingchoicesmessages.google.com/i/ 		182 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-1246136685364828?ers=1
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bd9b8f2f0150d197289eaf8f83fbe0e4a278b6e733d02d96b0e5d8bc7d812a3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mGDQudU--0hLHA6rirH5Ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mGDQudU--0hLHA6rirH5Ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0pBiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmTSAOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAnPTvPGsREO9cfIH1IBCvOnKBdRMQt3--wDodiL-zX2T9D8TljhdZ64FYiIfjy_Ftm9gEJpz4upxJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA1MhAz8AsvsAAACsdTBo"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1246136685364828
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
24b17b32eb92474c3d243d4bf171f1ca4119403b1b19cb7ecbbe0d835dac7dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Origin
https://rj.xpdbk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51873
x-xss-protection
0
server
cafe
etag
11094752817894259245
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 22 May 2024 07:51:16 GMT
AGSKWxUeMQgeLatLl_ORq9n0CR5ZTvQMbqzS3UsRlIo-Qdqjv22LiBcVbJbcaHvcdrJ9NsS5K4ixn2N3tDV_dSSP5uoW9Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUeMQgeLatLl_ORq9n0CR5ZTvQMbqzS3UsRlIo-Qdqjv22LiBcVbJbcaHvcdrJ9NsS5K4ixn2N3tDV_dSSP5uoW9Q==
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pQ2GJ1bbQvDkOKQKHt10Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-pQ2GJ1bbQvDkOKQKHt10Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoCxEI8HF-Ob9vEJnBga_sZJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqZKBnYB5fYAAA01Ai4A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://rj.xpdbk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405160101/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1246136685364828&plah=rj.xpdbk.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1246136685364828
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c914061e8bfbc96d1e5e90446caef92fd8bef801b832490967825f09b254bcf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143406
x-xss-protection
0
server
cafe
etag
12252676047800089638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 22 May 2024 07:51:16 GMT
AGSKWxWXUl-yi204SwyLlJ6-CwHMy8m6mQMt6TL_lmdN3GB_9LH4HFQ1NinCVPIMK9NeH0He-tPNCgWHzXzRh9XtvytfGRQxeI1ABnV7nYk0ZipgD4z860n2zeLTsC5-0OI4M15VUacbhw==
fundingchoicesmessages.google.com/f/ 		361 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWXUl-yi204SwyLlJ6-CwHMy8m6mQMt6TL_lmdN3GB_9LH4HFQ1NinCVPIMK9NeH0He-tPNCgWHzXzRh9XtvytfGRQxeI1ABnV7nYk0ZipgD4z860n2zeLTsC5-0OI4M15VUacbhw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2MzY0Mjc2LDcwMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yai54cGRiay5jb20vIixudWxsLFtbOCwiWHV4WlA0U1hXaWMiXSxbOSwiZGUiXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.XuxZP4SXWic.es5.O/am=AgM/d=1/rs=AJlcJMz_5-EoRUBRnT7UZWddoB1r9qoBhg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d66b27258647be3a94ea1481b4c4deb9c318bfa9566fa2fbc69a7138c287624
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_8Bb0_cp6gbbwoxHsgKOGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_8Bb0_cp6gbbwoxHsgKOGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0pBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxGWOF1nrgFiIh-PL8W2b2AQuLLnaxKykkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBqZKBnYBZfYAAA2xhG6A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.XuxZP4SXWic.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxWM8E4KJyzrTglKSOum0wlS7PdBA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 07:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 07:51:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 07:51:16 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Origin
https://rj.xpdbk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
111623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: rj.xpdbk.com
URL: https://rj.xpdbk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Origin
https://rj.xpdbk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:16:48 GMT
x-content-type-options
nosniff
age
63268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:16:48 GMT
AGSKWxW0HlcDpUULt2q-YAoGlDGgmiWkykBaxoet_3HkKZwmEV7YNFaSeToK5mPOccqvB3Ww7slKGTRDoucNy9DXRldeI31o_Es2Ezv0jco3YvC1caTVy-SJweiy1b85dtzNrGs-i0QbLw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0HlcDpUULt2q-YAoGlDGgmiWkykBaxoet_3HkKZwmEV7YNFaSeToK5mPOccqvB3Ww7slKGTRDoucNy9DXRldeI31o_Es2Ezv0jco3YvC1caTVy-SJweiy1b85dtzNrGs-i0QbLw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.XuxZP4SXWic.es5.O/am=AgM/d=1/rs=AJlcJMz_5-EoRUBRnT7UZWddoB1r9qoBhg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RAiFtPlvqGQ0_GgSCmOk-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RAiFtPlvqGQ0_GgSCmOk-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0gDi9BmsIUAsxMPx5fi2TWwCJx5P3M6s5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMTI0M9AzM4wsMANotIvw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://rj.xpdbk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0HlcDpUULt2q-YAoGlDGgmiWkykBaxoet_3HkKZwmEV7YNFaSeToK5mPOccqvB3Ww7slKGTRDoucNy9DXRldeI31o_Es2Ezv0jco3YvC1caTVy-SJweiy1b85dtzNrGs-i0QbLw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0HlcDpUULt2q-YAoGlDGgmiWkykBaxoet_3HkKZwmEV7YNFaSeToK5mPOccqvB3Ww7slKGTRDoucNy9DXRldeI31o_Es2Ezv0jco3YvC1caTVy-SJweiy1b85dtzNrGs-i0QbLw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.XuxZP4SXWic.es5.O/am=AgM/d=1/rs=AJlcJMz_5-EoRUBRnT7UZWddoB1r9qoBhg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZicXrrRM-H5HM-bsGvXx9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZicXrrRM-H5HM-bsGvXx9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0ZBicEqfwRoCxEI8HF-Ob9vEJvChv2cds5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1MtAzMI8vMAAAzWgizA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://rj.xpdbk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ca-pub-1246136685364828
fundingchoicesmessages.google.com/i/ 		182 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1246136685364828?href=https%3A%2F%2Frj.xpdbk.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1246136685364828&plah=rj.xpdbk.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
7bed3510e9ee751101790f18736237ef8da6abddb1ad415de151be7779a084ea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mBYdCFMaCkVkxMpKQOo-hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-mBYdCFMaCkVkxMpKQOo-hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7FfZP0HxEI8HF-Ob9vEJvDh6M0dzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqZGBnoGZvEFBgCvtEQy"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
rj.xpdbk.com/cdn-cgi/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 22 May 2024 07:51:17 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://rj.xpdbk.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
887b385b6d992c56-FRA
favicon.ico
rj.xpdbk.com/ 		17 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rj.xpdbk.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf87bdb24f8e456275e9c5cabfc900f76d09e60e3eea9dac8a3c5ce538c341a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rj.xpdbk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:51:17 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
cross-origin-embedder-policy
require-corp
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 0
referrer-policy
same-origin, strict-origin-when-cross-origin
server
cloudflare
etag
W/"20fc59da2e5a8fdfde44cc64033ab096"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56g%2BRilw2vvhJoNN19AXJuiV4EJOQ83Pr8lncAOYNBGrnRxV%2FfJyz%2B9x3RvkLcL9fnhdsRDOObrA19KdSWl%2FvAhnmVKzFywLfdoO6LaVjtBnkJ62g9y5iu%2Fcn607e6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
x-frame-options
SAMEORIGIN, DENY
cf-ray
887b385b6d9c2c56-FRA
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| doNotTrack function| gtag object| dataLayer object| zarazData object| zaraz object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __cfBeacon string| prefixedKey function| __h82AlnkH6D91__ object| adsbygoogle function| __p4qa8r1lb17__ string| cHViLTEyNDYxMzY2ODUzNjQ4Mjg= object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTM2ZTE1MTMxYTU0ZjljMWxvYWRlcl9qcw== string| ZTM2ZTE1MTMxYTU0ZjljMWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| google_sa_impl boolean| adsbygoogle_ama_fc_has_run

3 Cookies

Domain/Path Name / Value
.xpdbk.com/ Name: _ga_3Z93D2VBZ4
Value: GS1.1.1716364276.1.0.1716364276.0.0.0
.xpdbk.com/ Name: _ga
Value: GA1.1.435412003.1716364276
.xpdbk.com/ Name: cf_clearance
Value: ElsWzMvfHtIlnMUUdxEIGlo9z7JAqdIOyzf6lPpr4vk-1716364276-1.0.1.1-fHGcS2tC.jNfqjrcVHjNWoJ.0T8UDlAyFesEaCqCnk.ihSpzDNhYIS6bdupXRQtvmhAT5AdEI7Q4l3TS87imSQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
region1.google-analytics.com
rj.xpdbk.com
static.cloudflareinsights.com
www.googletagmanager.com
142.250.185.174
172.67.221.143
2001:4860:4802:32::36
216.58.206.66
2606:4700:3033::6815:190e
2606:4700::6810:4f49
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
05dbe8ca7940331b32eed06d014d379fe67cc5b92b59ca010188034a1cefef0c
24b17b32eb92474c3d243d4bf171f1ca4119403b1b19cb7ecbbe0d835dac7dd8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4d66b27258647be3a94ea1481b4c4deb9c318bfa9566fa2fbc69a7138c287624
554d66b3f3f0f27bf7261e5a4880b8b9448ae41136be31d3718ddd92676b79c9
59d81a11e5b5445352995778be58b3a9b1373899ec8b4486238c3c0f984bd8c4
5cf87bdb24f8e456275e9c5cabfc900f76d09e60e3eea9dac8a3c5ce538c341a
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
725512785d563a7abddf4860d78af1c6f87493e409c032942ceddfda16ff4ce0
7bed3510e9ee751101790f18736237ef8da6abddb1ad415de151be7779a084ea
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8bd9b8f2f0150d197289eaf8f83fbe0e4a278b6e733d02d96b0e5d8bc7d812a3
ba606b66ad1713f1edd2ef4ff50f9bf23336b98ad139bddabcf218951f2e3cc1
c6a0e2b67b4f0ed322e1e775d307662b568467915d9e78f63a4ae7d20acc4af1
c914061e8bfbc96d1e5e90446caef92fd8bef801b832490967825f09b254bcf2
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d7df5597d8d0a6669262b56cf82be299f1e6313a1a5190e8f4249f0f20fd3129
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58c4baadbcdb8784c6417a710d2de380d7ba9bb00093e3eb204d97dd30d66ea
e898441c132b8611a787d8170850bf4ce282523246f34498be051c40662a6edb
fccdcbc907f362d2212d66808653d77e633df7fa1721dc0f030c80307ae554fc