urlscan.io logo urlscan.io
SecurityTrails logo

fqqafw.com Open in urlscan Pro
172.67.197.212  Public Scan

Go To Rescan Add Verdict Report
URL: https://fqqafw.com/
Submission: On July 24 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 43 HTTP transactions. The main IP is 172.67.197.212, located in United States and belongs to CLOUDFLARENET, US. The main domain is fqqafw.com.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.
This is the only time fqqafw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 22 172.67.197.212 13335 (CLOUDFLAR...)
1 1 194.147.99.252 201106 (SPARTANHOST)
1 172.83.153.68 201106 (SPARTANHOST)
15 43.129.196.182 132203 (TENCENT-N...)
5 172.253.62.157 15169 (GOOGLE)
1 4.79.109.103 3356 (LEVEL3)
1 142.251.111.138 15169 (GOOGLE)
3 54.36.211.7 16276 (OVH)
3 172.253.63.155 15169 (GOOGLE)
1 203.107.62.211 37963 (ALIBABA-C...)
2 142.251.167.132 15169 (GOOGLE)
1 142.251.167.99 15169 (GOOGLE)
43 12
22    172.67.197.212 (United States)

ASN13335 (CLOUDFLARENET, US)
fqqafw.com
1    194.147.99.252 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)
googlefonts.wp-china-yes.net
1    172.83.153.68 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)
googlefonts.admincdn.com
15    43.129.196.182 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
thornbird.org
5    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
pagead2.googlesyndication.com
1    4.79.109.103 (Seattle, United States)

ASN3356 (LEVEL3, US)
sdk.51.la
1    142.251.111.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f138.1e100.net
fundingchoicesmessages.google.com
3    54.36.211.7 (France)

ASN16276 (OVH, FR)
PTR: ip7.ip-54-36-211.eu
gstatic.admincdn.com
3    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
googleads.g.doubleclick.net
1    203.107.62.211 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
collect-v6.51.la
2    142.251.167.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
tpc.googlesyndication.com
1    142.251.167.99 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f99.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
22 fqqafw.com
fqqafw.com
148 KB
15 thornbird.org
thornbird.org
90 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
266 KB
4 admincdn.com
googlefonts.admincdn.com
gstatic.admincdn.com
64 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
www.google.com — Cisco Umbrella Rank: 10
10 KB
2 51.la
sdk.51.la — Cisco Umbrella Rank: 46121
collect-v6.51.la — Cisco Umbrella Rank: 35990
13 KB
1 wp-china-yes.net
googlefonts.wp-china-yes.net
365 B
43 8
Domain Requested by
22 fqqafw.com 13 redirects fqqafw.com
15 thornbird.org fqqafw.com
5 pagead2.googlesyndication.com fqqafw.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 gstatic.admincdn.com googlefonts.admincdn.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 collect-v6.51.la sdk.51.la
1 fundingchoicesmessages.google.com fqqafw.com
1 sdk.51.la fqqafw.com
1 googlefonts.admincdn.com fqqafw.com
1 googlefonts.wp-china-yes.net 1 redirects
43 12
Subject Issuer Validity Valid
fqqafw.com
WE1		 2024-07-24 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.51.la
Sectigo RSA Domain Validation Secure Server CA		 2024-05-14 -
2025-05-14		 a year crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
thornbird.org
R10		 2024-06-15 -
2024-09-13		 3 months crt.sh
*.admincdn.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-03-09 -
2025-04-10		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://fqqafw.com/
Frame ID: 5E18FC6FC10C9180807C26A21036CC47
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Frame ID: 47896473E7EFB5BEC62D28F03DEE48F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1902165735651346&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721837102&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Ffqqafw.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_14~30_19&aiixl=29_5~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721837102382&bpp=17&bdt=5714&idt=492&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3940601013507&frm=20&pv=2&ga_vid=581318720.1721837103&ga_sid=1721837103&ga_hid=1247849138&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31085512%2C42532524%2C95331689%2C95334529%2C95334828%2C95337870%2C95338255%2C31084185%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1066885775048044&tmod=95892661&uas=0&nvt=1&fsapi=1&fc=1920&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=554
Frame ID: 08CB0EE4A03C125EB606365E72E06548
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0455162410312294&output=html&h=250&slotname=7862040239&adk=2192414650&adf=3335720523&pi=t.ma~as.7862040239&w=301&abgtt=6&fwrn=4&fwrnh=100&lmt=1721837102&rafmt=1&format=301x250&url=https%3A%2F%2Ffqqafw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721837102399&bpp=3&bdt=5732&idt=567&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3940601013507&frm=20&pv=2&ga_vid=581318720.1721837103&ga_sid=1721837103&ga_hid=1247849138&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31085512%2C42532524%2C95331689%2C95334529%2C95334828%2C95337870%2C95338255%2C31084185%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1066885775048044&tmod=95892661&uas=0&nvt=1&fc=1920&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=583
Frame ID: 23E96A2FD2FD9F5412B46D3554877CCF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C5C1E41C288DC99762D80485186277B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46E168E355C4879B47C596784BD5CFED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

鳥叔の窩

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

43
Requests

65 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

12
IPs

4
Countries

586 kB
Transfer

1640 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://googlefonts.wp-china-yes.net/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext HTTP 301
  • https://googlefonts.admincdn.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Request Chain 6
  • https://fqqafw.com/?wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP 302
  • https://thornbird.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Request Chain 7
  • https://fqqafw.com/?wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP 302
  • https://thornbird.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Request Chain 10
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3442-1.jpg HTTP 302
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3442-1.jpg
Request Chain 11
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3438-1.jpg HTTP 302
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3438-1.jpg
Request Chain 12
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3432-1.jpg HTTP 302
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3432-1.jpg
Request Chain 13
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3398-1.jpg HTTP 302
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3398-1.jpg
Request Chain 14
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3387-1.jpg HTTP 302
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3387-1.jpg
Request Chain 16
  • https://fqqafw.com/?wp-content/themes/allium/js/enquire.js?ver=2.1.6 HTTP 302
  • https://thornbird.org/wp-content/themes/allium/js/enquire.js?ver=2.1.6
Request Chain 17
  • https://fqqafw.com/?wp-content/themes/allium/js/fitvids.js?ver=1.1 HTTP 302
  • https://thornbird.org/wp-content/themes/allium/js/fitvids.js?ver=1.1
Request Chain 18
  • https://fqqafw.com/?wp-content/themes/allium/js/hover-intent.js?ver=r7 HTTP 302
  • https://thornbird.org/wp-content/themes/allium/js/hover-intent.js?ver=r7
Request Chain 19
  • https://fqqafw.com/?wp-content/themes/allium/js/superfish.js?ver=1.7.10 HTTP 302
  • https://thornbird.org/wp-content/themes/allium/js/superfish.js?ver=1.7.10
Request Chain 20
  • https://fqqafw.com/?wp-content/themes/allium/js/custom.js?ver=1.0 HTTP 302
  • https://thornbird.org/wp-content/themes/allium/js/custom.js?ver=1.0
Request Chain 21
  • https://fqqafw.com/?wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081 HTTP 302
  • https://thornbird.org/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fqqafw.com/ 		46 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
25b7a146105fe107d32074d9041b45360e10c24d4feffa9f127ebba30adbe3a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a85260dabcbac87-YYZ
content-encoding
br
content-type
text/html;charset=utf-8
date
Wed, 24 Jul 2024 16:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P15XOUrPrziagao1MzexOdxNPY6j02KZnQX3%2Fpyki3H1rCT6dKnwJW1bkzZeixxfYN%2FdFhAKQ%2FpzgnizmjziaxAB1f17Sv2fdGRAjqO4dSGAp359O6jS9gdEZr%2FZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
/
fqqafw.com/ 		87 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/?wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOCSVVMYL45VT0GUGbRUHTUs6trcOv4V1oPuCgM9w3ZlozjoQ9k%2B8pXNh%2F9V2xrQNC%2BiLkTQg8xKaJweG0a2rZtPpNum4Dn4%2B0trSYJ41FBFxZV3zVx%2B8gqb4pon"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=from
cf-ray
8a8526225ed1ac87-YYZ
alt-svc
h3=":443"; ma=86400
/
fqqafw.com/ 		3 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/?wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
abb0f964c9209344eba89cb789ed800a211da042d8341fbe4144f254d16e0458

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDTWaxztIbrb8wvKFa35iihMxRieVK5tPiY87scCvV43Tf%2Fj%2BzlGPKapql6YMnJ%2BzJrfeMe1zjRIxA7mv2Mf6kz%2BsTTatXPRhDyvyJp2qU9y6Ysu%2FOFwmlSwACXl"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=from
cf-ray
8a8526225ed5ac87-YYZ
alt-svc
h3=":443"; ma=86400
/
fqqafw.com/ 		31 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/?wp-content/themes/allium/css/bootstrap-custom.css?ver=6.0.2
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
3b8e92f7fca6451069a3ffd853597ad9c7ccc075bcf1bb326ec866579cf5e0cb

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FojmtZM3NVw5yuYJty5IBbuQjHqqxEENupW9EB8LCxLJ0cn8OfBpfIU68EOOfRKzsrc7aXkPB0alIFqn5ucE0SsGY%2B2cYoLB%2BZ7b9mvj7WnOJbgWmt%2B2vwIO85gV"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=from
cf-ray
8a8526225ed8ac87-YYZ
alt-svc
h3=":443"; ma=86400
/
fqqafw.com/ 		66 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/?wp-content/themes/allium/css/fontawesome-all.css?ver=6.0.2
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
dae999d0a20a12daf561bb2dd7fa204c65586d3462aacc307c3e9fb384775d68

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60SsrgivMLI360rAC713ij6Gd4rtHVNg0co1fNFOJltEqMtFd6LKNSXLV1pz0b1dJa6xFSk6XJLTqmh4hlvb0De80aN2cLr1rn9AFaCp5wIZIriFE0YRr%2BHBjTUY"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=from
cf-ray
8a8526225ed9ac87-YYZ
alt-svc
h3=":443"; ma=86400
css
googlefonts.admincdn.com/
Redirect Chain
  • https://googlefonts.wp-china-yes.net/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
  • https://googlefonts.admincdn.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://googlefonts.admincdn.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
172.83.153.68 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software
WJDUN /
Resource Hash
1355c0936536410c7776e861202da82c2d2c874a19ad6c1cd4b0de739d738d06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
server
WJDUN
x-cache-status
EXPIRED
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
admincdn-cache
HIT
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 23 Aug 2024 16:05:01 GMT

Redirect headers

location
https://googlefonts.admincdn.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
date
Wed, 24 Jul 2024 16:04:58 GMT
strict-transport-security
max-age=31536000
server
nginx
content-length
162
content-type
text/html
/
fqqafw.com/ 		78 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/?wp-content/themes/allium/style.css?ver=6.0.2
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
180e2e84d638ccedf87e03698fce89f1ccee1f639ad92415ee92662ef9b37c08

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoAcf%2BYm6V%2BM6sgLfdudnpSEr15W9Al0y5e0rHYtRkU4v89hucCNjnLpWZAzJGGNmqQxSchV%2FtPENlljL0T0s4w%2FoBnM7xPxWuxu%2BsI5uygPK44NV6O7tGMNI5D3"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=from
cf-ray
8a8526226effac87-YYZ
alt-svc
h3=":443"; ma=86400
jquery.min.js
thornbird.org/wp-includes/js/jquery/
Redirect Chain
  • https://fqqafw.com/?wp-includes/js/jquery/jquery.min.js?ver=3.6.0
  • https://thornbird.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 11:34:44 GMT
server
nginx
etag
W/"611f9354-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:04:58 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:04:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBXtfCoo8YT792j8U3Et4fAqJTKa7fQLqVEXbqOp%2FFUSUJywETo0JfMDJ17kRJ1Yec1oc9prBTcoCXsFGImJQgjzgg3Rm1bJylPNF8MpvabzPxZcfR14YfQzoBk2"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
cf-ray
8a8526226f01ac87-YYZ
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
thornbird.org/wp-includes/js/jquery/
Redirect Chain
  • https://fqqafw.com/?wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
  • https://thornbird.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 04 Jan 2021 13:15:51 GMT
server
nginx
etag
W/"5ff31507-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:04:58 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:04:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GXIzSvQ3ucST%2FdPWV9KRkP6R%2Fdp9wK8%2BjU9YW49kn30N1dosjaCgxrB%2BoNZNRtgR1j37bJfzDemY%2BJsbS6X%2FwxhO%2BX9tMlRGX9B6QPvOQNQN2rfutSDFMdnJsGjO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
cf-ray
8a8526226f02ac87-YYZ
alt-svc
h3=":443"; ma=86400
/
fqqafw.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/?wp-content/plugins/wp-thumbnails/style.css
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
b3bdef7b1d61c5710fde8fe96bb8693c0222ff7edf0c8c40b52848f84afe81a4

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGInUDIZuM116jVYQnuZPUR2G8co9SCI1UED4oLSitJLRUPCIwuM3YV1pVcuV26MKzlXctgEn8R9S6Cww%2BNZv3iTag0%2FJ0vjqZSoJkqmEWTbQSdo5zkMhGrInXrN"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=from
cf-ray
8a8526226f05ac87-YYZ
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1902165735651346
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
4ca3d9850f6728d2f83979e849d826c4c1a77860572de9479a41ad305c47a303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
Origin
https://fqqafw.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53431
x-xss-protection
0
server
cafe
etag
3280913499756560811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Jul 2024 16:05:01 GMT
3442-1.jpg
thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/
Redirect Chain
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3442-1.jpg
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3442-1.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3442-1.jpg
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
27cbf1afdbacbaf8dbd2a54984c1b66dab55fef87ff1d1879758a0db51445d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 31 Dec 2023 03:20:40 GMT
server
nginx
etag
"6590de08-1e48"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7752
expires
Fri, 23 Aug 2024 16:04:58 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:04:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTWIisqKGRqJSjUVcatE4x4I7S7ElPRfF5hAv0z0wV0T2V5CtT9I0jlybWCMwH0hGH9Et7lJxyi9eB9H0d9pmmu2aPU5rtxrT4MZuHXYS5wBw0JnkqdBp3qr78BK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3442-1.jpg
cf-ray
8a8526226f07ac87-YYZ
alt-svc
h3=":443"; ma=86400
3438-1.jpg
thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/
Redirect Chain
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3438-1.jpg
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3438-1.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3438-1.jpg
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
a346be255ebae0bd52054cfe6904173f86528b86a59cd56ebd3c0149db9d15f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:04:58 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Dec 2023 07:56:08 GMT
server
nginx
etag
"65893598-e69"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3689
expires
Fri, 23 Aug 2024 16:04:58 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:04:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjpsrEm5VXg3IFvfISFe8pAg9btN%2F%2FE8E5WhqYyQ8PU8Ji2V256lBHkz8fod1V2qwtTmdaJim61rFbb1L2VrNfxGEkKH3sGit126uw%2BTt8C8gs882B1S7ocf1DuS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3438-1.jpg
cf-ray
8a8526226f09ac87-YYZ
alt-svc
h3=":443"; ma=86400
3432-1.jpg
thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/
Redirect Chain
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3432-1.jpg
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3432-1.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3432-1.jpg
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
11abf517edbce41d0aa05d1a618e7154bb5bb139901b45d47c878c6ef8c1e6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:00 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 13 Dec 2023 00:53:00 GMT
server
nginx
etag
"6579006c-1284"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4740
expires
Fri, 23 Aug 2024 16:05:00 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haAA8dkwXjajl8UIScf9rYzqTN1onZ2cP3c25ySDZGK5h9UdRcOPZlXjQ1NC07%2F6F%2F8hRxCrOgk8X6EzeWH%2Fe6FQszR44qlRPhOnATETuq%2BJLQATpjgPvgwdTcgv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/12/3432-1.jpg
cf-ray
8a8526303974ac87-YYZ
alt-svc
h3=":443"; ma=86400
3398-1.jpg
thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/
Redirect Chain
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3398-1.jpg
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3398-1.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3398-1.jpg
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
fe8134c4457bd6ed11e97d3497a22ade6b253a2e882ca50fcf0a6d72701226fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:00 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 10 Dec 2023 13:41:36 GMT
server
nginx
etag
"6575c010-1666"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5734
expires
Fri, 23 Aug 2024 16:05:00 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8LF5RXz9lNzPfRgY%2FN5rBEC69p3eTq7AITkTvgse1FIs3SSEV6Hefs%2FzOabhnwVwfTvtpgEBE0wLT6OKZgQj9i9akeEiotLyNK2hbpS1h9fSl27Ol52v9xzxS9H"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3398-1.jpg
cf-ray
8a85263049abac87-YYZ
alt-svc
h3=":443"; ma=86400
3387-1.jpg
thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/
Redirect Chain
  • https://fqqafw.com/?wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3387-1.jpg
  • https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3387-1.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3387-1.jpg
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
216e8e853db9114054a09bcb10ddb7f34abaead56f7fe967e580f30ffca2adb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Nov 2023 10:09:45 GMT
server
nginx
etag
"6565bc69-266d"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9837
expires
Fri, 23 Aug 2024 16:05:01 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4nYZgr%2Bmk%2B1IXTdR8kftUIfK%2F647ozLphj08wNHzQ5t7%2B6yJSWGApsKXBUHOLhQTLuh1gQYgW%2FGVry7dhaHczQCFkd%2Fi6KnT3TYgMAg4RU6fbGZYiwJFJ6RuUZ6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://thornbird.org/wp-content/uploads/ta-thumbnails-cache/214x138-c/2023/11/3387-1.jpg
cf-ray
8a8526355f96ac87-YYZ
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0455162410312294
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
fc56f2f6d3eaf76e7106aebd644c3b166c61dcffce97b359c4275f54457bf9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
Origin
https://fqqafw.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53432
x-xss-protection
0
server
cafe
etag
16439640376696487271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Jul 2024 16:05:01 GMT
enquire.js
thornbird.org/wp-content/themes/allium/js/
Redirect Chain
  • https://fqqafw.com/?wp-content/themes/allium/js/enquire.js?ver=2.1.6
  • https://thornbird.org/wp-content/themes/allium/js/enquire.js?ver=2.1.6
10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-content/themes/allium/js/enquire.js?ver=2.1.6
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
6a9ffd212b49ebb3c4972bf0596b49e6e82d8df757a3a989d4cff99b20d64526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 12 Apr 2023 02:35:46 GMT
server
nginx
etag
W/"64361902-2687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:05:01 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zoa0U%2BEs7bW%2Bk9V%2ByXCEnkvsUZI4mibnLeQyhi5ri0qDokT7FBSAxC4703lfjGEAeG1h%2BGWXuUS9KeRn5GxMXDaxcyW%2Bqt9mQLL2X8EkdygOI1sY3UDr2Y01mbC2"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-content/themes/allium/js/enquire.js?ver=2.1.6
cf-ray
8a8526356fabac87-YYZ
alt-svc
h3=":443"; ma=86400
fitvids.js
thornbird.org/wp-content/themes/allium/js/
Redirect Chain
  • https://fqqafw.com/?wp-content/themes/allium/js/fitvids.js?ver=1.1
  • https://thornbird.org/wp-content/themes/allium/js/fitvids.js?ver=1.1
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-content/themes/allium/js/fitvids.js?ver=1.1
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:02 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 12 Apr 2023 02:35:46 GMT
server
nginx
etag
W/"64361902-d16"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:05:02 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSfylxXFzH0ethtnAJsMG6Qydf7rg1wOpajCno1V05iP3dHPQRxnQ6qxf9FVPM8RGbvG2NjW89zElu9LEwLPZ0gUrH3YHHPZU2oQPcIu0iJwdo9Z8pVxjGELrMjo"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-content/themes/allium/js/fitvids.js?ver=1.1
cf-ray
8a85263a7de6ac87-YYZ
alt-svc
h3=":443"; ma=86400
hover-intent.js
thornbird.org/wp-content/themes/allium/js/
Redirect Chain
  • https://fqqafw.com/?wp-content/themes/allium/js/hover-intent.js?ver=r7
  • https://thornbird.org/wp-content/themes/allium/js/hover-intent.js?ver=r7
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-content/themes/allium/js/hover-intent.js?ver=r7
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
6448707333e2cd315212bb14e3ec42b201f2a08cc7bf8aad63de93149dd86479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:02 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 12 Apr 2023 02:35:46 GMT
server
nginx
etag
W/"64361902-134b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:05:02 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7E5QTFbXKIKKFyxeULUW2laJXXI2GqMbvKI%2B1Gx%2FhwJ9dySikQO6hTK9z%2FO8cC1op3yHCoU8ZIzVbxYzWGGkXxdOQZ5u%2B4JzRP4cYGMaBRSgbD7Jt3JAD82cOZy"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-content/themes/allium/js/hover-intent.js?ver=r7
cf-ray
8a85263aae0fac87-YYZ
alt-svc
h3=":443"; ma=86400
superfish.js
thornbird.org/wp-content/themes/allium/js/
Redirect Chain
  • https://fqqafw.com/?wp-content/themes/allium/js/superfish.js?ver=1.7.10
  • https://thornbird.org/wp-content/themes/allium/js/superfish.js?ver=1.7.10
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-content/themes/allium/js/superfish.js?ver=1.7.10
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
5c94aadfbe04dda0b0b5e2caa901efbab78ea6092ca3fa63d849c7e66688269f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:02 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 12 Apr 2023 02:35:46 GMT
server
nginx
etag
W/"64361902-1dba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:05:02 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ZwLtS9%2Fa%2BeymKmNhOukxraxtv3lrK0jvSoy4fvi9HRZo6dhVbOBUpjHfkbZVSEyT1UEsKFhEeYf4gIUfz83v1xOQ16IONJU1c5g1EXZ5ISIiW%2BgCXJaVnnGjJ6v"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-content/themes/allium/js/superfish.js?ver=1.7.10
cf-ray
8a85263d3a3bac87-YYZ
alt-svc
h3=":443"; ma=86400
custom.js
thornbird.org/wp-content/themes/allium/js/
Redirect Chain
  • https://fqqafw.com/?wp-content/themes/allium/js/custom.js?ver=1.0
  • https://thornbird.org/wp-content/themes/allium/js/custom.js?ver=1.0
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-content/themes/allium/js/custom.js?ver=1.0
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
526de1df499ec6af5ca31bddf53c5582c5b23dd9c77bf22e9d3c36ab3c4c2b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:02 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 12 Apr 2023 02:35:46 GMT
server
nginx
etag
W/"64361902-1333"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:05:02 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJRBUTt2htf%2Btjeeut0WFZSk2903Ucfp6MGuslXy8BosmNYw3iIt6u56TpzWohbJwmki4p1lz4toF%2Fth8IRVNZ5950rgnEiffNZ7YX%2Fl56WisofBBZw8s1vLnupY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-content/themes/allium/js/custom.js?ver=1.0
cf-ray
8a85263d4a44ac87-YYZ
alt-svc
h3=":443"; ma=86400
wpfront-scroll-top.min.js
thornbird.org/wp-content/plugins/wpfront-scroll-top/js/
Redirect Chain
  • https://fqqafw.com/?wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081
  • https://thornbird.org/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081
1 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
620e1bf8ac9225fd82f6bfd9b6e809ec4bed0eea1b844951745454ecba214a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:02 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 23:00:31 GMT
server
nginx
etag
W/"65287a8f-5d1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:05:02 GMT

Redirect headers

date
Wed, 24 Jul 2024 16:05:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9DyYYibsdl9p0QRRWdpE03%2FZIRT9MbKcxTPLWti6zr1iDdLdznf5awTnOmzEluL%2F9jQVXCopCs1Aqr3DBiu0LT%2FPgQZYTz%2FInKtjcvqhzBwXO6V%2BtPGkEtyYEZzP"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://thornbird.org/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081
cf-ray
8a85263d4a47ac87-YYZ
alt-svc
h3=":443"; ma=86400
js-sdk-pro.min.js
sdk.51.la/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.79.109.103 Seattle, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
openresty /
Resource Hash
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 24 Jul 2024 16:05:02 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Ser
BC194_lt-obgp-fujian-xiamen-33-cache-1, BC103_US-Washington-seattle-1-cache-5
pub-0455162410312294
fundingchoicesmessages.google.com/i/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-0455162410312294?ers=1
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f138.1e100.net
Software
ESF /
Resource Hash
351e56009cc70d51b85a208a6c7103dc9522fa684cbdc4cd2eb7b424a99ec8dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hr_QsGWGhZuxevz5N82kSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-hr_QsGWGhZuxevz5N82kSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw15BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgNlS4xOoMxEI8HGvPtGxlE5gxa2ELs5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgbmRkZ6BaXyBAQChrDu6"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
thornbird.org/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thornbird.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 26 May 2022 23:27:17 GMT
server
nginx
etag
W/"62900cd5-48b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 25 Jul 2024 04:05:01 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
gstatic.admincdn.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gstatic.admincdn.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: googlefonts.admincdn.com
URL: https://googlefonts.admincdn.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
LINUX /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googlefonts.admincdn.com/
Origin
https://fqqafw.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
age
404202
x-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
admincdn-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
LINUX
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
expires
Tue, 20 Aug 2024 23:57:04 GMT
/
fqqafw.com/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/?wp-content/themes/allium/webfonts/fa-solid-900.woff2
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/?wp-content/themes/allium/css/fontawesome-all.css?ver=6.0.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer
https://fqqafw.com/?wp-content/themes/allium/css/fontawesome-all.css?ver=6.0.2
Origin
https://fqqafw.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBaf4kGhcxCmFMLPAqXkczhjI%2F2fDXIZbROQJWycdPPGq2qyKNV9qZ%2FAWL6GbQL8FPAVwBHScake3XZbf%2BDSuhExRcqf55fwX1TfIRZD1nrVTUXO5E3IfDiybuEF"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cf-ray
8a85263ecc21ac87-YYZ
alt-svc
h3=":443"; ma=86400
KFOmCnqEu92Fr1Mu4mxK.woff2
gstatic.admincdn.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gstatic.admincdn.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: googlefonts.admincdn.com
URL: https://googlefonts.admincdn.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
LINUX /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googlefonts.admincdn.com/
Origin
https://fqqafw.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
age
457028
x-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
admincdn-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
LINUX
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
expires
Tue, 20 Aug 2024 23:57:04 GMT
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
gstatic.admincdn.com/s/nunitosans/v15/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gstatic.admincdn.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: googlefonts.admincdn.com
URL: https://googlefonts.admincdn.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
LINUX /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googlefonts.admincdn.com/
Origin
https://fqqafw.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
age
600648
x-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
admincdn-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
LINUX
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
expires
Wed, 14 Aug 2024 12:33:35 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 		423 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1902165735651346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
390796272f640a582cbb99f6e1be305f11d7ecae213a4c9d92d59a88dceab7b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146104
x-xss-protection
0
server
cafe
etag
8197411556082298858
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 16:05:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0455162410312294
Requested by
Host: fqqafw.com
URL: https://fqqafw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
fc56f2f6d3eaf76e7106aebd644c3b166c61dcffce97b359c4275f54457bf9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
Origin
https://fqqafw.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53432
x-xss-protection
0
server
cafe
etag
16439640376696487271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Jul 2024 16:05:01 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/ Frame 4789 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
85855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jul 2024 16:14:08 GMT
etag
2738592464165616
expires
Tue, 06 Aug 2024 16:14:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 08CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1902165735651346&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721837102&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Ffqqafw.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_14~30_19&aiixl=29_5~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721837102382&bpp=17&bdt=5714&idt=492&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3940601013507&frm=20&pv=2&ga_vid=581318720.1721837103&ga_sid=1721837103&ga_hid=1247849138&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31085512%2C42532524%2C95331689%2C95334529%2C95334828%2C95337870%2C95338255%2C31084185%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1066885775048044&tmod=95892661&uas=0&nvt=1&fsapi=1&fc=1920&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=554
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 16:05:03 GMT
expires
Wed, 24 Jul 2024 16:05:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 23E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0455162410312294&output=html&h=250&slotname=7862040239&adk=2192414650&adf=3335720523&pi=t.ma~as.7862040239&w=301&abgtt=6&fwrn=4&fwrnh=100&lmt=1721837102&rafmt=1&format=301x250&url=https%3A%2F%2Ffqqafw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721837102399&bpp=3&bdt=5732&idt=567&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3940601013507&frm=20&pv=2&ga_vid=581318720.1721837103&ga_sid=1721837103&ga_hid=1247849138&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31085512%2C42532524%2C95331689%2C95334529%2C95334828%2C95337870%2C95338255%2C31084185%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1066885775048044&tmod=95892661&uas=0&nvt=1&fc=1920&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=583
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 16:05:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
collect-v6.51.la/v6/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.62.211 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://fqqafw.com
Date
Wed, 24 Jul 2024 16:05:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
102.png
thornbird.org/wp-content/plugins/wpfront-scroll-top/images/icons/ 		604 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thornbird.org/wp-content/plugins/wpfront-scroll-top/images/icons/102.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.129.196.182 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
169355009c640109ab8af1d3de6e009526ca15082ef3a9405c89f66ae688cac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:05 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 12 Oct 2023 23:00:31 GMT
server
nginx
etag
"65287a8f-25c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
604
expires
Fri, 23 Aug 2024 16:05:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240722&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
b86ee517283c092943679e1e9ed6a667b8d9a7a487b5d455c0fcff636f55b306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12877
x-xss-protection
0
favicon.ico
fqqafw.com/ 		548 B
541 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fqqafw.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxugP1VPoAPoA6AD9kXwUDsIVx2Ep3WCecluNcLiqRECex5RTqyahWSRYbdNWLO9qgndVoDXTcCQRk8itKSdxqRJ3Cs1S69yT4AKO1ZPSB3f1oGkaoNPDl%2B0zApB"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8a8526537f10ac87-YYZ
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 16:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Jul 2024 16:05:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C5C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fqqafw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
84919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jul 2024 16:29:46 GMT
expires
Wed, 23 Jul 2025 16:29:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 46E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.99 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f99.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--Hup9ZBD3Nsg1SSeHMA7TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fqqafw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--Hup9ZBD3Nsg1SSeHMA7TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 16:05:05 GMT
expires
Wed, 24 Jul 2024 16:05:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240722&jk=1066885775048044&bg=!xsWlxYrNAAYaZPuaOmQ7ADQBe5WfOERoG22VLt__FlDYvq_TMoz9McKTKzONzP0fZBmL3UwWaG81tO4uAS2hxmgv_aENAgAAAi1SAAAABGgBB34ANpyXA3IaHK2p1-Rv7OjiHgpPRIJxBbh2XWz9O_1xcD90bd71YQGHu-ufzBj-RTE6zoy-212NTwoAapi2UhaKKR5mcG9ECxYMMFmn6QvNDePA8RpTy0ad-9Xwwa_10Pe_HUj4bvT5EV9PhXubxQWRvK1kIVRYkqAPEIYWhGNQcm-n3lPKpbzlParu7fbshLJoSmPXJBfwMwUEO3EYxG8RiEXbV4yZAqw34pPtUlfFyR_vuAgsxsI_4x205mmaMqNhJJqc3jl2JDEn4jj-wVSrGfCrrUvKjTORuMREHgGQWOJsR86RC9ChsJkxasWJFVyRyeds8wLe6tstlsI-ZFfJGls8t6pW5zitYB8I6DpyPDujsX6Ypda_dHDNk9iEftxDrFi7JPdAyEjcCjCwTSYcZlDsQUHDTTBWh1x6FHIM9qNbd470kb1SMevS5WJpSWnp0tdF_yTYNtbfC5czVeulA81FHtAvZ4Rx4-f0OexhMRVnpvMca3qIBZcslc9R5ch4sdxMulkvbW2El-ekJaMprSSrbekE9m_xFu89fmckZ0uw9K2c_h_V6ZELJmUrHraKJ_uIT7y9VSNNfDsHuOqIdWGgVPjZ2lxAchM0Ow0-pq-g5Qum-HFI-zShwuP1TLouek0FUZbRIsNofnO_Pdstr1uQvc4-IP52QkXfhYXoVrI2Te1S4hlIVhFqaA-VdL7v7GWoBs9xp5q5L-OgNKHA8UsK3bRWTiuZwXGK0_fPJx8xcd7Cf8MbKkpdstRb37ETqzqeupPmNaTYvnVymJJH3DWq_9P3hYYuPNNfRRJ4qtBjZVLjG5vPIgN7wymkPZw6MjhFX_YMxO-LHos6L0sIPJWtY7YPJps3JPuZu0PEZ_Ezgeu7FMSaDrd2wwqVhZ_aBpTJ357jPVRpbQTLxYcefGIizzatCuJsebSUUTmVAG0Vbf5J7cAiy23UPhzEnE_uRZQIYCq4jgi1ODUWq56A2F2Q2eM11I1HsU6e8Lwsyd0guZz6Kcwz4sfa7KVms6n0LgSoNilbT_y-RCKcadrwJacvbmQoYQtnUuWLe0FbSctfhAec6XHr1JL1Omga6fdNOzkn795g8BA21WsXpc67PVCD9uf2lIxJlbq2rYVHRZwC1ns

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| _wpemojiSettings function| jQuery object| adsbygoogle object| enquire object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| wpfront_scroll_top_data function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| LA number| laWaitTime function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
fqqafw.com/ Name: X_CACHE_KEY
Value: aa4cbaa1aa49f5fa13687caf747d4a5d
fqqafw.com/ Name: __vtins__JLXn4PkYy3TIplD1
Value: %7B%22sid%22%3A%20%22fffaf0f7-1ac0-52c4-bdb5-274b61172841%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201721838903157%2C%20%22ct%22%3A%201721837103157%7D
fqqafw.com/ Name: __51uvsct__JLXn4PkYy3TIplD1
Value: 1
fqqafw.com/ Name: __51vcke__JLXn4PkYy3TIplD1
Value: f7372fb2-95fd-5295-b9d5-74568918a974
fqqafw.com/ Name: __51vuft__JLXn4PkYy3TIplD1
Value: 1721837103226
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://collect-v6.51.la/v6/collect?dt=4
Message:
Failed to load resource: the server responded with a status of 406 ()
network error URL: https://fqqafw.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
fqqafw.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googlefonts.admincdn.com
googlefonts.wp-china-yes.net
gstatic.admincdn.com
pagead2.googlesyndication.com
sdk.51.la
thornbird.org
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
142.251.111.138
142.251.167.132
142.251.167.99
172.253.62.157
172.253.63.155
172.67.197.212
172.83.153.68
194.147.99.252
203.107.62.211
4.79.109.103
43.129.196.182
54.36.211.7
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
11abf517edbce41d0aa05d1a618e7154bb5bb139901b45d47c878c6ef8c1e6a6
1355c0936536410c7776e861202da82c2d2c874a19ad6c1cd4b0de739d738d06
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
169355009c640109ab8af1d3de6e009526ca15082ef3a9405c89f66ae688cac7
180e2e84d638ccedf87e03698fce89f1ccee1f639ad92415ee92662ef9b37c08
216e8e853db9114054a09bcb10ddb7f34abaead56f7fe967e580f30ffca2adb8
25b7a146105fe107d32074d9041b45360e10c24d4feffa9f127ebba30adbe3a1
27cbf1afdbacbaf8dbd2a54984c1b66dab55fef87ff1d1879758a0db51445d0c
351e56009cc70d51b85a208a6c7103dc9522fa684cbdc4cd2eb7b424a99ec8dd
390796272f640a582cbb99f6e1be305f11d7ecae213a4c9d92d59a88dceab7b9
3b8e92f7fca6451069a3ffd853597ad9c7ccc075bcf1bb326ec866579cf5e0cb
4ca3d9850f6728d2f83979e849d826c4c1a77860572de9479a41ad305c47a303
526de1df499ec6af5ca31bddf53c5582c5b23dd9c77bf22e9d3c36ab3c4c2b35
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c94aadfbe04dda0b0b5e2caa901efbab78ea6092ca3fa63d849c7e66688269f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620e1bf8ac9225fd82f6bfd9b6e809ec4bed0eea1b844951745454ecba214a44
6448707333e2cd315212bb14e3ec42b201f2a08cc7bf8aad63de93149dd86479
6a9ffd212b49ebb3c4972bf0596b49e6e82d8df757a3a989d4cff99b20d64526
a346be255ebae0bd52054cfe6904173f86528b86a59cd56ebd3c0149db9d15f3
abb0f964c9209344eba89cb789ed800a211da042d8341fbe4144f254d16e0458
b3bdef7b1d61c5710fde8fe96bb8693c0222ff7edf0c8c40b52848f84afe81a4
b86ee517283c092943679e1e9ed6a667b8d9a7a487b5d455c0fcff636f55b306
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dae999d0a20a12daf561bb2dd7fa204c65586d3462aacc307c3e9fb384775d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc56f2f6d3eaf76e7106aebd644c3b166c61dcffce97b359c4275f54457bf9f2
fe8134c4457bd6ed11e97d3497a22ade6b253a2e882ca50fcf0a6d72701226fa