h13.haruyd.vip Open in urlscan Pro
2606:4700:3036::6815:67a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://h13.haruyd.vip/
Submission: On November 22 via api (November 22nd 2023, 2:58:39 pm UTC) from US — Scanned from US

Summary HTTP 114 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 23 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3036::6815:67a, located in United States and belongs to CLOUDFLARENET, US. The main domain is h13.haruyd.vip.
TLS certificate: Issued by GTS CA 1P5 on October 26th 2023. Valid for: 3 months.

This is the only time h13.haruyd.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	2606:4700:303... 2606:4700:3036::6815:67a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::ac43:9386	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	13.224.214.27 13.224.214.27	16509 (AMAZON-02) (AMAZON-02)
3	3.141.240.42 3.141.240.42	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3030::ac43:9dc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
2	13.224.214.114 13.224.214.114	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:c3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
1 3	23.219.8.236 23.219.8.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.238.4.90 18.238.4.90	16509 (AMAZON-02) (AMAZON-02)
4	23.205.106.83 23.205.106.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	3.130.50.49 3.130.50.49	16509 (AMAZON-02) (AMAZON-02)
3 3	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.86.160.58 104.86.160.58	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.34.83 104.18.34.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	3.215.27.95 3.215.27.95	14618 (AMAZON-AES) (AMAZON-AES)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
114	25

49 2606:4700:3036::6815:67a (United States)

ASN13335 (CLOUDFLARENET, US)

h13.haruyd.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:9386 (United States)

ASN13335 (CLOUDFLARENET, US)

lamosta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-27.phl50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.141.240.42 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-240-42.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9dc8 (United States)

ASN13335 (CLOUDFLARENET, US)

dtsedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.214.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-114.phl50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.219.8.236 (Ashburn, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-8-236.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-90.phl51.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.106.83 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-83.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.130.50.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-50-49.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.174.192 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.86.160.58 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-160-58.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.27.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-27-95.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	haruyd.vip h13.haruyd.vip	372 KB
24	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12682	8 MB
10	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 13053 t.sharethis.com — Cisco Umbrella Rank: 6925 sync.sharethis.com — Cisco Umbrella Rank: 3042	17 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 12815 ic.tynt.com — Cisco Umbrella Rank: 5525 de.tynt.com — Cisco Umbrella Rank: 1605	10 KB
3	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 415	1 KB
3	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 685 stags.bluekai.com — Cisco Umbrella Rank: 921	1 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	20 KB
3	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13562	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	250 KB
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1908	557 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1148	1 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	890 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	672 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3239	726 B
2	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4376 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5421	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	308 B
2	lamosta.com lamosta.com	5 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 16137	184 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 5990	16 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 988	634 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14519	602 B
1	dtsedge.com dtsedge.com — Cisco Umbrella Rank: 54196	453 B
1	waust.at waust.at — Cisco Umbrella Rank: 39728	4 KB
114	23

	Domain	Requested by
49	h13.haruyd.vip	h13.haruyd.vip
24	blogger.googleusercontent.com	lamosta.com
5	ic.tynt.com
4	t.sharethis.com	pd.sharethis.com t.sharethis.com
3	idsync.rlcdn.com	3 redirects
3	sync.sharethis.com	h13.haruyd.vip
3	pd.sharethis.com	t.dtscout.com h13.haruyd.vip t.sharethis.com
3	t.dtscout.com	waust.at t.dtscout.com
3	www.googletagmanager.com	h13.haruyd.vip www.googletagmanager.com
2	ml314.com	1 redirects h13.haruyd.vip
2	ps.eyeota.net	2 redirects
2	px.ads.linkedin.com	1 redirects
2	match.adsrvr.org	2 redirects
2	tags.bluekai.com	1 redirects h13.haruyd.vip
2	pixel.onaudience.com	2 redirects
2	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
2	www.google-analytics.com	www.googletagmanager.com
2	lamosta.com	h13.haruyd.vip
1	de.tynt.com	cdn.tynt.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	stags.bluekai.com	tags.bkrtx.com
1	tags.bkrtx.com	pd.sharethis.com
1	pippio.com	1 redirects
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	t.dtscout.com
1	dtsedge.com	t.dtscout.com
1	get.s-onetag.com	t.dtscout.com
1	waust.at	h13.haruyd.vip
114	30

This site contains links to these domains. Also see Links.

Domain
tvusan.vip
jusotown.vip
kindtoon.net

Subject Issuer	Validity	Valid
haruyd.vip GTS CA 1P5	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
lamosta.com E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
dtsedge.com GTS CA 1P5	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-17`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://h13.haruyd.vip/
Frame ID: BBDDCF06668D7630C2011035AC01F53A
Requests: 77 HTTP requests in this frame

Frame: https://lamosta.com/banner1.php?site=haruyadong
Frame ID: 0B232EF6FDB8EF9DF287939BEF0FDE23
Requests: 19 HTTP requests in this frame

Frame: https://lamosta.com/banner1_side.php?site=haruyadong
Frame ID: 234E60135B25FE0B40C89456B145BD26
Requests: 7 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301700665113A625D00D58923DD680
Frame ID: C030A584AC8A671DB5A59CB4AC69CDB0
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Frame ID: 676E90EA83C1CF2FA28AEEE340331D90
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Frame ID: C832F5292C28E84C785980C8C3984C55
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 7A695E2BF3221E3680589BF22269C366
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGcABmVeFxkAAAAIIdEwAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=12159456
Frame ID: 14E0D694A99A6DB1A3C1D385CC1F1682
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

하루야동 - 무료 성인커뮤니티

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

114
Requests

95 %
HTTPS

38 %
IPv6

23
Domains

30
Subdomains

25
IPs

3
Countries

8574 kB
Transfer

9634 kB
Size

36
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://tvusan.vip/
Title: 다시보기

Search URL Search Domain Scan URL

URL: https://jusotown.vip/
Title: 19링크

Search URL Search Domain Scan URL

URL: https://kindtoon.net/
Title: 성인웹툰

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://pixel.onaudience.com/?partner=137085098&mapped=4C301700665113A625D00D58923DD680 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=555144ee63f95089

Request Chain 95

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=be680996-9c49-4418-ba1e-c046aefb5e5d&gdpr=0&gdpr_consent=

Request Chain 96

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGcABmVeFxkAAAAIIdEwAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdjQUJtVmVGeGtBQUFBSUlkRXdBdz09EAAaDQiZrviqBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&rand=01456247 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&rand=01456247&expected_cookie=de825d8e-3a84-48ce-9399-55912553f94a

Request Chain 97

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2KuXwfnAq6IZLG6UPT64UXFj2w_tv6ytmMmtaocwioSY&gdpr=0&gdpr_consent=

Request Chain 98

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGcABmVeFxkAAAAIIdEwAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3640118655701745715 HTTP 307
https://ml314.com/csync.ashx?fp=e42f64429565ad8df5db502ffd7451d2747d1e5b5cbfc88016d4e6796f44819df4cb09cee1a4f8eb&person_id=3640118655701745715&eid=50082

Request Chain 99

https://tags.bluekai.com/site/59574?id=ZGcABmVeFxkAAAAIIdEwAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

114 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
h13.haruyd.vip/ 52 KB
8 KB 903ms
807ms Document
text/html 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: c8975ceaebfa05793569965b48944d77fa94cf06c08304ecc57ca5d3f96e5e30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 82a207eefcaa0a22-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 14:58:31 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 22 Nov 2023 14:58:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVif7FV6ClC25cUvtZi%2BkO3YNhBmpRCDkXzxTjOS0hcbyUXqbC9QsnykeIjnwLDAtQ8Fl8NxDpdXD6dkUa9jzZMD19Q0IjLV2zM%2BsRqrjUDJRNouR9lcEHJp34ZvFj3BO0QYPFo6buBGXbRWfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.0.33

GET
H2 200 xe.min.css
h13.haruyd.vip/common/css/ 4 KB
2 KB 722ms
718ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/css/xe.min.css?20211005143357
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe91c9c9f03b1355a8d6fc696f8db8449a17210baddec965c5a67af7bc618b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:33:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3c5-11b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdSiqfiYqGgV1FA1KY7M%2F3qOAFEaURJMMnRUDIXROoDWwcwQFXbnJZnajjedw03VON0qJ3O65EQE7vMw9y%2FPFd6sslFKH%2FnFBTr0m3LlkBqEYd5iF81vKJ6Ri9U%2BRvRZLrYX8jbi62SvsBW4VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409ee0a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-ui.min.css
h13.haruyd.vip/common/js/plugins/ui/ 31 KB
8 KB 763ms
759ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/js/plugins/ui/jquery-ui.min.css?20211005143451
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3fb-7d4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66qT9jPYKSfGj6Eub%2FZ3QEpYdBUZE%2FOpSpNKFGfuJ5qFkmixaVPCVlQD2HBSzOBl%2B3FgylvIPkQ2H7qcbh90Y4poFXEsqU9cMGg5RXWXNs7FzJn49C386OLnEUAg5T%2Bzszigh%2F1MkAVdKg1Mbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409f00a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 xeicon.min.css
h13.haruyd.vip/common/xeicon/ 27 KB
6 KB 764ms
761ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/xeicon/xeicon.min.css?20211005143422
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d4ed9f30fb61a9505d42ebc32b36c75cebc97e76eeaee994add782bb97f0dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:34:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3de-6b10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJkDL4Fjc4lvgAapHs0EYZmAXQ5TfI2w5WKSyz2jJEOwsIGRnazuA85KWsUe3qjm41XZl3JxdFelgdtxtao%2B5D%2BvtBvLF1BI1lBD2V34Vq0jeH4w8BaXxC23qbHAczid9%2FwjtYK9Sj6sBbKQnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409f10a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 default.css
h13.haruyd.vip/layouts/Door_cpB_limit/css/ 30 KB
8 KB 268ms
265ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52b43bba5de3d685f26371ff13c9ae049b271d6bae7387fc9818d34f78df3ce2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5c-7697"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyXKNbkZqrEinajvut6pmhH1VnuKrb07l8fFBUV8L0WG90kHuuaeuxVnzN3ir6dLfVMDgM5ARf5CrGqIhDl35J76PZOssA6bAtJvUCyCOBrlusXZ06phYDzyZolNyCAHhNxoPtYp4eXcVcVCxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409f20a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 owl.carousel.css
h13.haruyd.vip/layouts/Door_cpB_limit/css/ 4 KB
1 KB 748ms
745ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/owl.carousel.css?20211005161436
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475c8aab9734fadbe36b52ec10992ddddbb4ad0f3a438765d3bc8303ad337aaa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5c-11f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNpVDHP%2BX2DhWnG2Sx4DwDykBlPxEtf03I4qx54Wx4dCl1YHcIJ%2BYzQXKjH3N836LtvbPD%2FNbxgREiUSWZpmxu5lMgfJ%2BrZxGqOQpPm1aA8mTMnJWZ3bSVq7yyGnt3NsXWMFha1PaRZz8qlPxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409f30a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
h13.haruyd.vip/modules/editor/styles/ckeditor_light/ 845 B
616 B 720ms
717ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/modules/editor/styles/ckeditor_light/style.css?20211005145252
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f43c0c73c1e07344fdde995323cd7acd1ba7c423811598a72cbca558ece3bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:52:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be834-34d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejDdkAIKT6wJjxXoe3cj9gU8aAFf7Wzsa1kL54JKn6WYyuI0l%2BVCpKpJFYQ6AAjuQrgQRmxgbtSf1N0w0SGaprAcaZsGJEbhB40JFql2C23dSsAVrFwI2dVpAOnbZGF5NBu5I9oeDiu%2F%2FuHmYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409f60a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 widget.css
h13.haruyd.vip/widgets/content/skins/Door_cpB/css/ 11 KB
3 KB 728ms
725ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/css/widget.css?20211005161437
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47108eb68fad07f3e1cdc5063815f3d71cafca9e478cd373eeab8b6447306ee0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5d-2b99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnLpfkv6%2FI%2BmOojvH1JtxUaMQPiqv3m8A0YMl%2BFFpr9pTH5RaPA9e5lKBTznp7A2YlVcr0DeZ7zg5rSTuFITWEfHmicAJihyf2Y7QqtZGdRPQVD1uPq3lheYG%2Bv%2FyjEuMWQT0SkxYByUmQzlnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409f70a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 normal.css
h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/css/ 2 KB
905 B 728ms
726ms Stylesheet
text/css 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/css/normal.css?20211007152920
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c45b9d8453f4ffb816997fbfdaaf55de83af5fec145311d45ddf01d64c801c4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Oct 2021 06:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615e93c0-914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfAYKR4E80oPxizEQ0pBWVCMxSIUTAfYDfrcQzrRurnypNWYLAC7Zz2BhLVE%2FN5EUJeKNnLFybldqFHip42c0S8LpgPA386cpNSwAg9f4haOEoKHt4g1tVEJD1qZT3o8oF4q%2FchhLRaoq8tUpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a207f409f90a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
h13.haruyd.vip/common/js/ 89 KB
32 KB 977ms
975ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/js/jquery.min.js?20211005143407
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0b4baa89edf7f44bcfb453bb38970fb3ecd30e75011b8ca9f59cd676f1f7fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:34:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3cf-16292"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifmQynEIDwErXEXUCywK%2BFAohTDo0xIyEEtV4g1AxHnEhBJ8PDAq8rO2cOO5lqfRbMNi%2Bj8Jx12REJvT3C75tm1Yw%2FBVKSsRG9mDDUDLUsIKptkbUfswGKMJsHGcejJgNUxpVVf1ZxIo%2BrSrKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207f409fc0a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 x.min.js Show response
h13.haruyd.vip/common/js/ 12 KB
4 KB 762ms
760ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/js/x.min.js?20211005143409
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad86b1e58bdff0f6bb6676d27f6cfe989448d23c6fd10bcc19d2be92b9f7926c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:34:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3d1-31c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydY4bjEvDZCcvpTUb4tf2UU0AU5ykgfH8kNpz9SIi%2Fpy%2BBgcQI1CvGQqI8OHi%2B9J4sk7g7MvJJAxyLFOkGk9RSS8f1t%2Frq5hyuxN9bs4vIpcBCDe39TRf3XFfOR9Kt2%2FpPqjrZ9B35Qy9DxsPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207f409fd0a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 xe.min.js Show response
h13.haruyd.vip/common/js/ 100 KB
35 KB 1023ms
1021ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/js/xe.min.js?20211005143410
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29aba1b2b8ca9bc47045928087c04183a22ade998f386b4712077b1c9900910e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3d2-19121"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAWCpQI6x2KRmWaXdyaBfC8SsC7laijIQY3y8%2FfjiLvmPdkekwho%2BTxFoiYiD7LL9myDjzPOxlzPQ4lnZx1KpvACvEE0Lx2LHTysnwjk2CDIBKtssJ7efoCIivXr2NLBg7dII7sCetMGbpRl2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207f43a230a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 scroll.js Show response
h13.haruyd.vip/layouts/Door_cpB_limit/js/ 370 B
494 B 975ms
973ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/js/scroll.js?20211005161436
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb7ffa882fde3a3ba6444313ff1cd3d9461e323f4754e17d96d3c5b8a617197

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5c-172"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGI1HWmZkcUQHzYmkoviuBpjpM9d9%2BOZREQFCWYR3vcUoJmxbinenh0AkuLkant%2BwcEj8nm8dyvRm0C%2FJH49K0x9SrmlkpTlRmGTSPT4c81T6rrKoOduvmoJVngumreSXc2UAWboY4I2r1gntw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207f43a240a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 content_widget.js Show response
h13.haruyd.vip/widgets/content/skins/Door_cpB/js/ 2 KB
770 B 758ms
756ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/js/content_widget.js?20211005161437
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e812c696e0559e67f9d26cf503091a323c716208a38602831e621cfd5a81b8ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5d-6ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F%2FdGpyr9Uwi7rfD%2B3jd1JBrumk9y99tx1wiPMR7tyii0r8iXtqaGwsE50NjVn2TOU1bJN9yp6VhaMNe5efbxn37Pg%2BkyGrLY6iDSJZque4z0nUiDEPfd3Am9mHcmIp6ShdG2dPd9JMZ7lLdUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207f43a260a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tab.js Show response
h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/js/ 733 B
698 B 749ms
748ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/js/tab.js?20211007152920
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2dc83aaf6d46a227208ff62b74a16faa0d08a57da37fafca0e331013b7d33fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Oct 2021 06:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615e93c0-2dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aEtc7ERJ0GcJ4hSiQclZJNd9sCi8bFfOM5zOlQ0juU60aNTqbVb5WfqZUxQjLjWq3d5xcbbqo%2F34jWxep0S89UB8Cx8oT8jif7qTrW9hMkJk2wVYJbOjeT%2FraNizF7HHsq9PPp56FNsHQQeVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207f43a280a22-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 231ms
69ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1G5H7W94B1

Requested by

Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31cff4881f5fa09832e14136505ca38422c458783e90d0e79d5b6637403d7dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 14:58:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 308ms
146ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J17DZK1R68

Requested by

Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61657e9384f4fa1048a5599fd6503195b583d7e9130f92d5a3d85b3dedbae62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 14:58:32 GMT

GET
H2 200 99b983892094b5c6d2fc3736e15da7d1.png
h13.haruyd.vip/files/attach/images/149/ 3 KB
3 KB 974ms
972ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/attach/images/149/99b983892094b5c6d2fc3736e15da7d1.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86c03efd332164ec6963da8bb0725f6b42f7d910a41dc8ac3b1d60f46277819e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 00:57:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615f9769-a2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU306%2FYc0eXl0KqdOyZjs87y74Yfcr76nxZX1gRGCuMJqMWyT9eRIYl2FVPxUUh0eY%2BMSzwvtrZutoPAzasxUtVD8oX8RoiX%2BfJ0ilzolksjepMopOYhK73%2BjuK4HFnKu%2Bu6T2p1rxO2wEu8Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207f43a2b0a22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 2603

GET
H2 200 empty.gif
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 43 B
369 B 746ms
745ms Image
image/gif 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/empty.gif
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7e95865723058f0f9d0fc0332949965b113fa01053a9aec5633a79da62ccc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjheHe7ay0aEsLUE%2BWSnui7jUICMcaLX1SJQOsGhUKm6F%2Fqa%2FW%2BU9d8MsxZoFfAzuhBQEhDhni4cwEmbU9qbGJBKJg%2FsjcfLHHP9KPvz3jm2G5pCYHh7xK6uUkdPNfNmWfx09amDPRCsSg3CBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207f43a2c0a22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 f74f7404cb924d8e16ff80ed06b018e5.png
h13.haruyd.vip/files/attach/images/149/ 2 KB
3 KB 955ms
954ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/attach/images/149/f74f7404cb924d8e16ff80ed06b018e5.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9697a0aff637e7e394bbdd1a9a4d98ad8f7511f4f08f085c49cd450e9aab4ac5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 01:02:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615f988e-966"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a4b1MZnMdM%2BRKiP%2F6Vqp8BxtGTSJuZrJZMtyqnI0PZymDgOr5kGPCGhMfJKrjigqjrT8rQFVmIxMJxkgy8eZrammXkG0oH1Xp4AamBtpLWEQvarNVLAiOK8AaZEkFH5D2%2B2fTt40pbpYbHi1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207f9fa4b5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 2406

GET
H3 200 menu.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 1 KB
1 KB 723ms
723ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/menu.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef6fd189ffb6e8aeec5d40a0698b32b273395910081f1ff1d9d482a373a80b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-416"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bTLyNhVoj592YLoGV5O9m537mAF2grJevoOg53HJd69y%2BSBvyFMEv5IH3eoO%2FtsSNDu3mV49F%2F67jtUpnTAY3wq0GGFxaHp9X3GV8uUXkEi1K0tkrAJc9TsVA6sw19GtVEA3nrFACoqsG3eVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207fa2ac45c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1046

GET
H3 200 b_search.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 2 KB
2 KB 726ms
723ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/b_search.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c106cc47f5e28199fa57c0c2f952a5989ce47aa0f08dd2c85a6bf265f82845

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-6aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B59T1iLrCWy2P2CndTJ7OXVdljo%2FAPhLRYUph%2F6H5EMyCpJIcnbpVB8GI8D9w%2BFiz3GOocwWf7loiyvTeUM%2BceO4fZ9D%2FY4ZZNrugH03FmU7Gcvhbx9MbrQKAYbgRdXRQfZu6N4fy2m4lZyNIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabdc5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1706

GET
H3 200 100x100.crop.jpg
h13.haruyd.vip/files/thumbnails/080/151/ 8 KB
8 KB 776ms
773ms Image
image/jpeg 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/thumbnails/080/151/100x100.crop.jpg?20231122181133
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240f1943506b007989847f857167e55f87867e393ff754fc820fbac0ef3caf58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 09:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655dc5c5-1fd4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNIidv2a2CPTriWQpYMSQw6KZYKeCOgEuYQiUh0hkDUUNbtICnqDaV3eXJFlJtQ9h%2Bqx6WmQ2wCEQSS8%2FlmIfkbxvo0yFLM4pfOXIKsTTEP5Tx88FxGvyHSeeYRTEo66%2B10PiFafYUdrcptbwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabde5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 8148

GET
H3 200 new.gif
h13.haruyd.vip/modules/document/tpl/icons// 126 B
583 B 762ms
760ms Image
image/gif 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/modules/document/tpl/icons//new.gif
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa233a6e1c0a313e30da8a36c1d0636d08fe0d7d920b684bae9781496a5d6a70

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:52:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615be818-7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXvFZKyaQORMmgm%2BhgH9VpoUUu5cQLAWjK7qm1UWfW0LCv4x3zV5cjO8cM2zv5bRCCx7bc3rcUnbNC8iolUaYexebo%2F7%2FmU2K3mHtfC56NQZ4WyhiSF6zm6WbUpz8MvejC6utn9s8Se1uC7AVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabe05c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 126

GET
H3 200 100x100.crop.jpg
h13.haruyd.vip/files/thumbnails/075/151/ 11 KB
11 KB 725ms
722ms Image
image/jpeg 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/thumbnails/075/151/100x100.crop.jpg?20231122181134
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 739d1610c844b4188e560115724b9f86b2fba779de283b76e7c0eec1917bc48e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 09:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655dc5c6-2b6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDwadiKaG03lZrfSsHiKzHF3Th1Jr7iyTKof7CwR5heWfmPO1KjZbBsTH%2FYk0Zm8z%2F5hW5ngSxRR7GnwoFn9erZhtNpBXWJhfCsISVOkZiMtLwY52J5USmJF68woc3i%2Fl%2Fmfw8B5N%2BH8ARydbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabe15c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 11118

GET
H3 200 100x100.crop.jpg
h13.haruyd.vip/files/thumbnails/967/150/ 15 KB
15 KB 779ms
776ms Image
image/jpeg 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/thumbnails/967/150/100x100.crop.jpg?20231121135840
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ebf0d1b5e7d1d135f7a016eef7bbc3d00a978020168b15d6f020b60b490b928

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 04:58:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655c3900-3b59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BJJZhwgvvgbizRlJNfcmVe1rw3YJBnK%2Fj7s5D6xClCWfxwYm1s%2FSQfG6EE7hIwWmuwh7cGltsMF6WvKTnFP6QlUFZpzIhqATESDUbWwmNoVNaHhxPkryXmWOw5RHO%2BiZ2keDi%2FJluQkAw%2BhDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabe35c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 15193

GET
H3 200 100x100.crop.jpg
h13.haruyd.vip/files/thumbnails/972/150/ 8 KB
8 KB 244ms
241ms Image
image/jpeg 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/thumbnails/972/150/100x100.crop.jpg?20231121135840
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eac51ec3996dcd4f8607159dd1c6368cf881b0c293a4ba1e5e83a47646b4392

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 04:58:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655c3900-1e9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvpW6LV2F%2FhYKpgy5G6OO0PdIOwStinBV1E%2B%2Bzwk0e7B8PpoyxWUfk8Mx4ZtNgmaG7279zRsHBnpoGBPWoccawQgLw5sVa%2BuPFSlxnApVpH6%2FPE3AJ1cAFAE8C2or85UNEuurFmgJ5z6WiUnKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabe45c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 7837

GET
H3 200 100x100.crop.jpg
h13.haruyd.vip/files/thumbnails/065/151/ 9 KB
10 KB 763ms
761ms Image
image/jpeg 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/thumbnails/065/151/100x100.crop.jpg?20231122181134
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad0c6d3ae66d21e0f6260783b2a59f457feef81c1dd14e41053b8fdb2aaf3244

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 09:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655dc5c6-2485"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUv3k%2Fh4%2BE7cyMQ93pgNt%2FrNuYz0kKVEOYI1%2F6Tcbzy9446PHvRGfrYp3X6XwhjJUvj6DvB1MDBgfYdB5AQzonN13JNEGntWkB%2F7G6cyfdjKWZFbEc0XXbrdz0Y%2ByBXgydn73PqeaH0Eli0beA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabe65c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9349

GET
H3 200 100x100.crop.jpg
h13.haruyd.vip/files/thumbnails/718/150/ 12 KB
12 KB 771ms
769ms Image
image/jpeg 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/thumbnails/718/150/100x100.crop.jpg?20231118203636
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 251c625f225116889669b9b443bf613113315aebb6deb76914a04474fdf8739e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Nov 2023 11:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6558a1c4-2e45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPWWR4BTBgnzBzJ6DudEgor5%2FHgNoovVr9my7kbWaNElEU2cWVdIXgTdMbMkLEZkmFps0vOgLjfy%2B3E8nmFJ%2BqyMSJ8qM8A6rn33FCvjxptP1w4SmcFmEq66Kc8O9rpXGogWB09MrYAgIPiVHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabe75c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 11845

GET
H3 200 file.gif
h13.haruyd.vip/modules/document/tpl/icons// 183 B
644 B 746ms
744ms Image
image/gif 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/modules/document/tpl/icons//file.gif
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a54a83d135f5286df8694967f2c9b7f9a6f403aefe4edd4f3c77979995f756f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615be817-b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YXiMpL%2BFg6kjeEdMH0%2Bpz8VoKtWNIoUaTaTMKJfST2OvLlSuXtf4e0dL9LEzahQ3cFj3stTNmLo5VNkTQIPPiTN4lW7pm3dCae4i8rU%2Fe8FcSqkpZJKIaYeP2y27%2BbEvtDH0GTKnSIVYqqLlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabe85c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 183

GET
H3 200 b3d0d7f58fdcd3026042b535880d37a2.png
h13.haruyd.vip/files/attach/images/149/ 3 KB
3 KB 797ms
795ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/files/attach/images/149/b3d0d7f58fdcd3026042b535880d37a2.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a28e3dca0a120d1acf7f1fbd766c77e4e8bb00602fafe4fcbb938cac297607e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 02:01:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615fa668-a49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3R2eOPzAb031SpZi2hUOpXbDS62sbzCUSTwF1eJeJbBwghUAh%2BrSt6EzDfSNOaW6Rrt0vsWKli8SE5pzCPKan%2BMz3DNgXVDe35SRzi%2BTFKK3wzF6nE6xyBF3LVHBo2KvTPCpn%2FzECmMTWbNS9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabea5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 2633

GET
H2 200 s.js Show response
waust.at/ 8 KB
4 KB 206ms
47ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3370
etag: W/"63c04115-2170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BoTIgf2RTkOPbQF%2FjDVMXjh%2FM2ue13r7RlJenHe%2B7bWNnWFDuVP%2FYik%2FYcBtjE6p%2BDLoXNUs5yVk72kg2ypz0xdC%2Firmxyla8oU4akieTfcdTNK%2BDX4TTN44f9H%2Fk1CHP5JTey5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 82a207fbacc1228d-MIA
expires: Thu, 23 Nov 2023 14:02:22 GMT

GET
H3 200 email-decode.min.js Show response
h13.haruyd.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
28ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://h13.haruyd.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGTqNyoGgXMew0A3aaajT5PfCtMPvIA9JNLWAbfNFkl866ykJwjhfeYRAVQcwMLA0C83z9zMJvEDumD2JeSaD5lRuB%2FKQLZN5AzMN%2BP6xd%2BRZhuTlTq2ZKfdIf9zp49Jp4fQTGPK9w%2BJUvvokw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82a207fa9bc35c64-MIA
expires: Fri, 24 Nov 2023 14:58:32 GMT

GET
H3 200 autolink.js Show response
h13.haruyd.vip/addons/autolink/ 2 KB
2 KB 748ms
744ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/addons/autolink/autolink.js?20211005142815
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55bc954384a2e66cb5f5df0cd443cd3cbeff69b529c69a99a7b67fe32c37b1c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:28:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be26f-97c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkR6XUwyzNSDkLvRkdwyd7Y24u8B2ryIRZL5roGdszYHbgi7yrqLw5Pm6%2FZcFGDjNti6guVPAnsQXAntr6CeM0swwwG%2BFstntgJs8QWvNrdlLHlZBZY2coKN2y2Ha4QfBR6VZewUrXkcy4ME9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207faabcc5c64-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-ui.min.js Show response
h13.haruyd.vip/common/js/plugins/ui/ 248 KB
68 KB 1250ms
1247ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/js/plugins/ui/jquery-ui.min.js?20211005143451
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3fb-3dee5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yktlc4pJR%2F8x5ctJXMbJoI62KoCAfKrK4KZxUmXvysRZSe26fk7FZDxrvSfM8Rh%2BCqGN%2BhhLg%2FoXoZy66Nf8IQIgtc6R1zBgpKkRkI7AT0%2Bk7rcJBaJnXS%2BSag%2Fq%2Fe1%2FJrhA7oN9bmMFKUJgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207faabce5c64-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.ui.datepicker-ko.js Show response
h13.haruyd.vip/common/js/plugins/ui/ 911 B
994 B 748ms
745ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/js/plugins/ui/jquery.ui.datepicker-ko.js?20211005143451
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9ee770f950e4f220deb9541b385c3f376f109e7875c311ce9ccd98f92b0233

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be3fb-38f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMFMa9BI%2FgSjwqCwQCw6f3gPAH4mbNhltUR6OlVYvRnTRhtSfAkX2qpRMag4qXbUUuzcr8dluMB1AkklbY3uVSVfufCdo5wu38jMyHu2ilNmaSIYyZi3nRq%2FbdoFzeAM9yKwcYcfJ8Hg0r7Yhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207faabcf5c64-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 resize_image.min.js Show response
h13.haruyd.vip/addons/resize_image/js/ 4 KB
2 KB 721ms
718ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/addons/resize_image/js/resize_image.min.js?20211005142907
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44fa8cbfb7ef581e4acd1f4bd6cede01a0bda644b0e7779b7940d3d0c05b4834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 05:29:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615be2a3-eaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXLYZDuHEgYzW9pIBTzEgm3LXBI9C%2FOoalVu%2ByKam9ARnrkomyb3ffP4CDpW1xCWhWlgTFZhQzbiXXrDeDBR0y0Y6aHA8xEFOjf%2Bi7%2FyUVqnBSbK4HTn5Tov0snQSB6aGoxsbrx%2FpOpMM95GFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207faabd35c64-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 xe_official.js Show response
h13.haruyd.vip/layouts/Door_cpB_limit/js/ 7 KB
2 KB 226ms
223ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/js/xe_official.js?20211005161436
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a573f6d56b2208084961a919fc6d4bb4f0e64ad937c93b72dd050d43da8035bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5c-1c12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85GXTxLqU2KC0Q4SHA7NXEAXW36Kcncs%2BiMUe5aLH%2FUVrT0WLpnokrwdjX7HJAVMLQReorqXRTG94EQ1BdrSg1VRaxbbAhhzkSFUrk9hu68Aq9TmMjWjVH2ZZ9sFhhOGOfKQlQs0BhfRDzYz%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207faabd55c64-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.scrollUp.min.js Show response
h13.haruyd.vip/layouts/Door_cpB_limit/js/ 1 KB
1 KB 764ms
761ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/js/jquery.scrollUp.min.js?20211005161436
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a6fb30d4c6b6e39ca823cccb0aa23ad5c2f9275c1183b1054b68bd6e4f1a4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5c-59e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxYZv43xCNSg2sUVxu0r%2FDFM0QSacCZ7Iq1CXCTpqpBjhLg60FdaX6xYfA4%2BRKmfMrhF8bBEuw4qwntkD4ltQF6sOlEGwUk9QMGlNz%2BnTI%2BqufgzmuqVvBBbyeLPBNBCiXxKni6XLXM4tRdUIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207faabd85c64-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 owl.carousel.min.js Show response
h13.haruyd.vip/layouts/Door_cpB_limit/js/ 39 KB
11 KB 789ms
786ms Script
application/javascript 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/js/owl.carousel.min.js?20211005161436
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"615bfb5c-9dd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FR8OhuDvcJEdMMTm4iFHl3zTE9hUR9YXX0FPSO3FBNcShO%2BLuX9ZG3lTInWRy0gwlkdObKQRW3jEFfOeLOKi%2BT0HSeXcLNNq2%2BSmggiBB0ICjWAwxwFyGbCLN4yC7zLabBCWxLBL1y%2BfHu4sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 82a207faabda5c64-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 banner1.php Show response
lamosta.com/ Frame 0B23 9 KB
4 KB 300ms
227ms Document
text/html 2606:4700:3036::ac43:9386
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lamosta.com/banner1.php?site=haruyadong
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9386 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: 77e8377769c060070b2a5f05da33962b7653f775609cb177491d6e77978ba769

Request headers

Referer: https://h13.haruyd.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a207fc0ba5961a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 14:58:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbeKaZLM%2F7gbBqTjew6V5zeYUAFdRMQEnhxgynL5DrRlsEvSN3u3w9OmVG6qetWu%2B4r8hCkseP7bvQhboELsu7OERtybuM3YsE6sEPr9hoLL9FR3eDxPnLMutQLKVc6v1F1KVrJZrkN7bA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.0.33

GET
H2 200 banner1_side.php Show response
lamosta.com/ Frame 234E 3 KB
2 KB 285ms
213ms Document
text/html 2606:4700:3036::ac43:9386
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lamosta.com/banner1_side.php?site=haruyadong
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9386 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: 338d906f758dd4c983424a7c2400d8189d21331a857a999bc1d9f46aac9db0ac

Request headers

Referer: https://h13.haruyd.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a207fc0ba2961a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 14:58:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wP3sxe%2Fg9hOmiP5UY2EV511Y28pCkfovGv81eV8sRXe8g2LzWevEtIxXRPwKigv5GmGNwqT35fw3NyOkn%2FSKZEtK7dPNyJ7rpv%2FkRH2q%2F9nIRRdeWCdWRnMXcIod4T1H1IeGDg6c2u%2BTlg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.0.33

GET
H3 200 bg_account.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 936 B
1 KB 229ms
229ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/bg_account.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1bbdb22a64fff07fc7523e7048ba386e0ecfdec535cefb21290c36d44bdab43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-3a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dAs9DlBUIge3oF%2BmmLldnVh9gTE6fPP1edrocjmqvv%2BmIAsI3qptvIxH4M7PNBZbtd%2B8lLNDrHTh33m96kQJd5SuPkGpbXIHXVkG5J4l%2FP4rqNpPi0dq%2FMtWP%2FBwy%2BA9Se%2BY8ycoQ4wNfRegA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabed5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 936

GET
H3 200 top_li.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 933 B
1 KB 742ms
742ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/top_li.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bf3e8035d35911f9393b62a873897463a7180c01077cf16445d0d423651d75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-3a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gILbuK8VGpsslX8ETnzQA8yPp1OnJaUw2TeklS%2Fh6%2F34ZX5fdecnTKE9nyj1gvPKhBYJAH43Eb19yo1c5vBXEKR6kuCdAvJw3fhAa6zaK2NMVm5UJ9EkqJdixjej0bqViR%2Fk0dOqADMIFOfCZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabf05c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 933

GET
H3 200 all_menu.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 2 KB
2 KB 233ms
232ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/all_menu.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf8d278f91f8bf55965083472f630b3ff4a679bfad090352f58729c9a0645ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-666"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LKKgpUD%2BnWFZ4as6lyRYGOfiMRQpBfaGKNOEgDsQTqxforUzqRtt2ixS9dAJQ29ki6OZ2VeFrrJDieGfiDlyAyeJXu3nc51%2B2eMUk%2FUez8LzS3zLib%2FVONIr9tnK8zsOouaBfyf1cwirdp3gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabf15c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1638

GET
H3 200 bg_search.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 1 KB
2 KB 747ms
746ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/bg_search.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7882c061727942e8105a570af4f2a091b64c61590be2184c993e99a721d9758

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-5af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG7cAf3elO3HvA2AJ4CxJO41qd0AuEQ4LmewOPxNlIhd74tDpl1aiYOZljDNM6Q1%2FOE8OFCG4cNvSN0YhIFiyN2H7FMvD71nQHnL3ks7p6%2ByttqsToypWFTdpR3Wgk3zXpy2mRPqyR0Vad4aJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabf35c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1455

GET
H3 200 bg_menuB.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 939 B
1 KB 746ms
746ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/bg_menuB.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01bc09e5e7a191610e162b11657838453a98054190d188059c45b1dd2188a214

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-3ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXYIpf2YBJwrcl2QoSJppzMxrQoWPRdXLMPPyTsywS4ByLvnF2edfqX1PLScoDRY%2Bzh3MRh4cWYvU19O%2FBfVUwj0APzisXK%2FKruO3tfPSW9jGk1OrkCLcfMKIOf%2Fisc%2FjpUwCNoJwkoyghxJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabf65c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 939

GET
H3 200 arrow.gif
h13.haruyd.vip/widgets/content/skins/Door_cpB/img/ 1 KB
2 KB 219ms
219ms Image
image/gif 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/img/arrow.gif
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/css/widget.css?20211005161437
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cfcf182e023b667e9d056a4b3ea48c214ae25c13700d3aff40bcdeba4829923

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/css/widget.css?20211005161437
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5d-44d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlLCOvXiPoPM2WOZnQFXF3Duz9h02d1wugCb9YjFOws2vHuP2fCq1gQ3J22FQt1vc1PpSftZavzpIgAslF8Pli3j1689hJJN4IK9BP6mVwvlgnnaS6bVdJ2TYWtxiemP6H8wdMZ9fRAu6YGTUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabf85c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1101

GET
H3 200 new.png
h13.haruyd.vip/widgets/content/skins/Door_cpB/img/ 981 B
1 KB 745ms
745ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/img/new.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/css/widget.css?20211005161437
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363378239ffe46b0a34723e8a43836f81375a54020240faf51113298d2dd69b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/widgets/content/skins/Door_cpB/css/widget.css?20211005161437
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5d-3d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdAWViOy2TWwJGcZmRThY3cvK9rKNfmoSADXe9czstrTfKYaKb3eI%2FRPxQAZ0z2mzXjj8xO0esMSluyXHjAJXHWf0RPTQBEb95%2BcOF8vDggT%2BgfcH4XKPt276ldLtgije8XxwrXygrku7IMkvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabf95c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 981

GET
H3 200 bullet.gif
h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/images/normal/ 44 B
503 B 213ms
213ms Image
image/gif 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/images/normal/bullet.gif
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/css/normal.css?20211007152920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5516b59d698f952e9e6f3bf95f8549a20431ccf97fa293275c512a1225ae89e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/widgets/tab_newest_document/skins/xe_official/css/normal.css?20211007152920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:32 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Oct 2021 06:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615e93c0-2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXRPQxISJFZw2GBuT6DsfBKN9hh1fDp7nb6o1GR6duVROEwaGpFQKjqgVNBycIpgg5iZAAuGExgKNaDlV%2B%2FaL8CAekrnpZUYWqGGmZxLyX9WPTM1G%2B5gWf9x32qtn3HEWG5KpMLDxsqSziHTvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabfb5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 44

GET
H3 200 top_li.gif
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 1 KB
2 KB 744ms
744ms Image
image/gif 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/top_li.gif
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd0f2537c1f2a5f5d087e37b1e200e4c2c6a9dca869e4195ed4b8774381a863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P1ioqh56pR%2FLtBE3UXuhGkLaZ%2F%2FRIpA0U8Hu37zq%2FCGBPDoKyVGEsTc914u0Rnbl0yDkc%2BF%2FeH9ftm0m0mgZk8I9%2BsywLkOiG6ja%2BcZa3uRmrHBox08YvRdiVD7b1HGohnbw%2FLJHLMJCZg2QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faabff5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1096

GET
H3 200 bg_select.gif
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 1 KB
2 KB 744ms
744ms Image
image/gif 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/bg_select.gif
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5bb7e3567fc9063f54e3f158e5ed216c87e4217dbc5c53553fce6c00767c8d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncctMIpRVhfzeDV%2Bmhp4QW1NLw1LZpV1yKRzYm92shGbg1CH8QU%2FZtBLSKuvU4MpT6pUY2BxJuuMOctV%2BYDYf1RAoBRcFsiJ3513eswegzC3V%2FyjO0l1LUogl0PSfd5Dyu%2BJuBPsYUE21K0zUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faac015c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1306

GET
H3 200 xeicon.woff2
h13.haruyd.vip/common/xeicon/fonts/ 78 KB
78 KB 932ms
932ms Font
font/woff2 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h13.haruyd.vip/common/xeicon/fonts/xeicon.woff2?v=1.0.4
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/common/xeicon/xeicon.min.css?20211005143422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aed972f348736612525583c3dd43095d763b9e661284c8d611f01aa63398899f

Request headers

Referer: https://h13.haruyd.vip/common/xeicon/xeicon.min.css?20211005143422
Origin: https://h13.haruyd.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Oct 2021 05:34:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615be3e4-13684"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTKmEA1gg7yiMxDVrEc7aO7uuuBQ32%2F%2FQ70KyiOxXZmMXG8JGPqLQrvqT3kXVflZZSWUC0QjGMY3cURexz9y9vCHnbMYjX7OGei7%2BcXujnxJ9exNuypC5ssZgXhLl4XTjbdhOj9wHL3LsRmNUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207faac045c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 79492

GET
H3 200 close.png
h13.haruyd.vip/layouts/Door_cpB_limit/img/ 1 KB
2 KB 785ms
783ms Image
image/png 2606:4700:3036::6815:67a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/img/close.png
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd3b8f5f7b4e5eb7dc79dc2fbd8b6179d9aac7f866e579cca4151034369063d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/layouts/Door_cpB_limit/css/default.css?20211005161436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Oct 2021 07:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615bfb5c-540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYNEkgT6au9wC7%2Beo0yWsl56YM%2FIgAgbgBD%2F971EnGSOzfLRQkufpCbP0vzFIIt0FJS%2BjPIOe0xAiGvLmdix%2FDlNXo292EcpZfEOI3%2Farhy2N1bZ3HWR7s4F5p9DAJb3uP6PHGRXID8hbzLJ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a207fbadac5c64-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1344

GET
H2 200 / Show response
t.dtscout.com/i/ 7 KB
4 KB 187ms
122ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 537b84f5c05346dca1ef2230104ff850be0477d00d44c9fdbdac39512c95a497

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-t: 0.226
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ehfie%2FEgjbkaQVBrGaBEOMbs9qJ1K2Zeg6YtcOnbZcu890bIOS2%2BoemSq0DnC%2BYB8eGcva0UKh5jqthG%2FRrHbQ55N34Nx19fn3z9UgPVvhKpwW7KroL8SXyDkXIkd9W22ogIbegNwXedaKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 82a207fc685fda93-MIA
expires: Wed, 22 Nov 2023 14:58:32 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 107ms
39ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1G5H7W94B1&gtm=45je3b81v876364719&_p=1700665112723&gcd=11l1l1l1l1&dma=0&cid=1185986563.1700665113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700665113&sct=1&seg=0&dl=https%3A%2F%2Fh13.haruyd.vip%2F&dt=%ED%95%98%EB%A3%A8%EC%95%BC%EB%8F%99%20-%20%EB%AC%B4%EB%A3%8C%20%EC%84%B1%EC%9D%B8%EC%BB%A4%EB%AE%A4%EB%8B%88%ED%8B%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2374
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1G5H7W94B1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 14:58:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h13.haruyd.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 71ms
70ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J17DZK1R68&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1G5H7W94B1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1db0908a7b721682731a7c4d08a0184a2211b5d1bae859098b30602951ac464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 14:58:33 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 80ms
40ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J17DZK1R68&gtm=45je3b81v874199983&_p=1700665112723&gcd=11l1l1l1l1&dma=0&cid=1185986563.1700665113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700665113&sct=1&seg=0&dl=https%3A%2F%2Fh13.haruyd.vip%2F&dt=%ED%95%98%EB%A3%A8%EC%95%BC%EB%8F%99%20-%20%EB%AC%B4%EB%A3%8C%20%EC%84%B1%EC%9D%B8%EC%BB%A4%EB%AE%A4%EB%8B%88%ED%8B%B0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2401
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J17DZK1R68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 14:58:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h13.haruyd.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame C030 1 KB
762 B 129ms
129ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=4C301700665113A625D00D58923DD680
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9df03994b49cfe95ae1c8a64f45d95760f95eb23b7b86b809c75473b6aa5a6ce

Request headers

Referer: https://h13.haruyd.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82a207fd69b6da93-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 14:58:33 GMT
expires: Wed, 22 Nov 2023 14:58:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P0JvY73gLSjznYrIobIfv2E2iI%2FN9a2BoaQ1LpR1klNTJy5rR1%2FZyzeEtPH5nL%2B1Q4mipNBMLdz1vtJ%2Fwl5rH6jI%2BQI0AwzoGjLcBOpU9gANOhae%2B9cmOp5znvn6%2FkivwqCg2bY%2Blhfwm8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 184ms
62ms Script
text/javascript 13.224.214.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-27.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 39a169e5169cc741a7c793f95d144134.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 10:26:14 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 16344
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: xV3K-k1IE-co8SgI3Pq_HkhZed4TWiTIGdzzCjJHnQzt0BujGH4SBQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 254ms
60ms Script
application/javascript 3.141.240.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-240-42.us-east-2.compute.amazonaws.com

Software

Resource Hash

c32c979160ae6bda6a5ba3be927b81fbf95812dc00915b31013c24ed619e823b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
348 B 111ms
110ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=h13.haruyd.vip&_ss=5djiwgp6mm&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3mq9&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936a2ad83c68f2b01debb6d6cadd3eb0bb947c30eb34980e94842add13b66421

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-t: 0.138
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuD4KTGxsptMiD9DKPdKuEHib2B%2FkowOiMg0KSQbhohZSv4QjNrjoT4RV2%2FIy5W%2FWZghdMsxSQTPHDwa%2FEZsYUb1t2dHd98CD5EPSczVYX5RQS9Xj%2Bm9VI8vDhp%2BjS9dB3wZ71Q99ejjP2w%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 82a207fd69b4da93-MIA
expires: Wed, 22 Nov 2023 14:58:32 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ 0
453 B 152ms
78ms Script
application/javascript 2606:4700:3030::ac43:9dc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=0&d=h13.haruyd.vip
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9dc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-t: 0.53
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArTdd%2BZPaTl8n%2F%2BKG4fwib%2B1IvHTtx7LEjMZO4LIhT7bkySSaic%2Bl12YLXHYRvzvDTXKEBekf0a3eXjbvhWirs2rzImkesrn%2Bde%2BPIcZvocruJgmh%2FioX5ZuwGLAFNsJwFtSmi50XfhWVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 82a207fddbeb4c33-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 9f1aab4ef94dad10a13ee353d2a50bae.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAcNL_TiOTEgyXBDL9UhloJwnFRk4JDugIx1aTNYKxawfJsykkmLLO_RvPRKDNGvCs7KBfur_ugB6kOCAmS2dCyANYWyJ-FsUnF3nIdZOX4fj8lN0CaHitiUju3c4fbowxhebQu6GOkOC0-V0S... Frame 234E 526 KB
526 KB 580ms
469ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAcNL_TiOTEgyXBDL9UhloJwnFRk4JDugIx1aTNYKxawfJsykkmLLO_RvPRKDNGvCs7KBfur_ugB6kOCAmS2dCyANYWyJ-FsUnF3nIdZOX4fj8lN0CaHitiUju3c4fbowxhebQu6GOkOC0-V0S5mqbzwIwq6ajxvhV7AVuL5urVxvoFEbzL1Q3_SMo/s320/9f1aab4ef94dad10a13ee353d2a50bae.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1_side.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d7e1de38454cb9c0ce4a1a057138b90fc06fa668655415ca1ac4f55753bc366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v48"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="9f1aab4ef94dad10a13ee353d2a50bae.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 538367
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 logo-logo2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHArF-MDfWzRUuaJLf7sSSHoa1OJlWdFgJsBfl6kCJTd8gv_tJRRJ0Wg4Uu_qhCLMnXkf0Ub88OufPNgkbgkUYlwuEOEk-91gxHs8rZ_Ov3Q1QtA-Gy71H4bYjksYpLzl0qM7uUM7mCOs1nS3j... Frame 234E 4 KB
4 KB 695ms
585ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHArF-MDfWzRUuaJLf7sSSHoa1OJlWdFgJsBfl6kCJTd8gv_tJRRJ0Wg4Uu_qhCLMnXkf0Ub88OufPNgkbgkUYlwuEOEk-91gxHs8rZ_Ov3Q1QtA-Gy71H4bYjksYpLzl0qM7uUM7mCOs1nS3jPstDMicNGZyNZxUJO3li-C21-UdYkoj12TTi0K7J/s320/logo-logo2.png

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1_side.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d556aca5fe37f603193157fc5a7b33e89035106850a92d2a7e7d4f32103b1e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v185"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logo-logo2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3619
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 a2a9e529a335482e2d99dfc6bbd19366.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbgK4DJ1WlnWIzAq66h44VKwBeSaH48uTdjhKEXvb7FKhx8ffbz6zoytyU33Pnry4kptQBNQ3AgSVetf1xpEiBKnouAOdDrn3d8QZiuh3j9Dx1UImXZptdhcw9lBjpjrYCkQrwiJYYmHmnlvbP... Frame 234E 467 KB
468 KB 694ms
584ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbgK4DJ1WlnWIzAq66h44VKwBeSaH48uTdjhKEXvb7FKhx8ffbz6zoytyU33Pnry4kptQBNQ3AgSVetf1xpEiBKnouAOdDrn3d8QZiuh3j9Dx1UImXZptdhcw9lBjpjrYCkQrwiJYYmHmnlvbPJJZUgeCOpPJGOYKCPO3wUfMZe9Qs8t5alvuzeg1d/s320/a2a9e529a335482e2d99dfc6bbd19366.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1_side.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

232e69cab1fd32cb4632bbb0a9fd7b42e0571ff5b8f0c8875d9ada207a94dda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v61"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="a2a9e529a335482e2d99dfc6bbd19366.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 478614
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 6e6f5009ab2a6843718a12f38728bd33.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg16GyrSNoSlkHmgOGYvyH5e4aul5L3AoXU6kqC6wy26l4U_mzl3-u8dNaT8MsrLNVEDXZwj1_tAGWrkRLlL9MeocOBeErtiZi4T96Kn2MuuNGCJ9sf2kED4amdRGnrgmpEB4fk05EqczkviPbm... Frame 234E 224 KB
224 KB 694ms
585ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg16GyrSNoSlkHmgOGYvyH5e4aul5L3AoXU6kqC6wy26l4U_mzl3-u8dNaT8MsrLNVEDXZwj1_tAGWrkRLlL9MeocOBeErtiZi4T96Kn2MuuNGCJ9sf2kED4amdRGnrgmpEB4fk05EqczkviPbm_aFCcNVlZPKhKcVKeG1XwrNsS6_AXKiozm0iEAud/s320/6e6f5009ab2a6843718a12f38728bd33.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1_side.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d4f4efea8b7f80695d75a3aed6887b5a8807a7cffbbe26f26ebde23f7af6a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v65"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6e6f5009ab2a6843718a12f38728bd33.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228882
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 96719ab3f0d2c49310f7dafd8a46a214.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXOJwVsl-bkl_b-qHmCBD-UBssTwnbr2CSEVESgtfV0Pfeoj_htNIU80xorviULLR_eNDUoYdEy5yrLBB2UMKOd5fGGFbSDwAdl-wk_cTU8LxxCrO5jfA4zfmR7Hk9zpnYJtGfwjnWt8Tx7wxM... Frame 234E 380 KB
380 KB 695ms
586ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXOJwVsl-bkl_b-qHmCBD-UBssTwnbr2CSEVESgtfV0Pfeoj_htNIU80xorviULLR_eNDUoYdEy5yrLBB2UMKOd5fGGFbSDwAdl-wk_cTU8LxxCrO5jfA4zfmR7Hk9zpnYJtGfwjnWt8Tx7wxMOtsiutxmATG92jBKLWysan4eP8pEcQDYkeqlW65y/s320/96719ab3f0d2c49310f7dafd8a46a214.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1_side.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f5a6a1032a4096378c138954fd2e6941a2dcd4b4cdaeddc5185db3a1655d35c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v67"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="96719ab3f0d2c49310f7dafd8a46a214.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389008
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 cda3f3265effee8cc129f8ea6983bd36.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhummHm5Yb4hZo_GpgL2HnGNz44-uAuPBlUuWFN4mNZr8mzBejQy-zmI41ptgGXd8Ej9new0ARhALOtU6SGfdNQ1VwjBnxtDctlApS6jK0ZjnIjR8eb-QzP5GJUUCyJWh_0QDE4RSKXqVfZOPda... Frame 234E 2 KB
2 KB 514ms
405ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhummHm5Yb4hZo_GpgL2HnGNz44-uAuPBlUuWFN4mNZr8mzBejQy-zmI41ptgGXd8Ej9new0ARhALOtU6SGfdNQ1VwjBnxtDctlApS6jK0ZjnIjR8eb-QzP5GJUUCyJWh_0QDE4RSKXqVfZOPdajg5fX_O_X6TFR0HulznPmwVhrFaCK-CF1rmpyErW/s320/cda3f3265effee8cc129f8ea6983bd36.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1_side.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e2928f1dc55ab3a40d0007474e8281ddb3c7ff0f3ad1b0482cca50fd2f9fa889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v4d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cda3f3265effee8cc129f8ea6983bd36.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1547
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSmNDXAA_tyrjIkijsHkmxBMGJTkx54V06eEaR8mJKFaoXZKrW8byC-tpNSWvmffsGMc4YipmMFBIdVNW7hMNfqQe4Wc5NJPIfbSSSDV5i_iZ8_fAQ7aGToD8Vkpivqk8VBc7HOMEqkP7b2e66... Frame 0B23 930 KB
930 KB 505ms
408ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSmNDXAA_tyrjIkijsHkmxBMGJTkx54V06eEaR8mJKFaoXZKrW8byC-tpNSWvmffsGMc4YipmMFBIdVNW7hMNfqQe4Wc5NJPIfbSSSDV5i_iZ8_fAQ7aGToD8Vkpivqk8VBc7HOMEqkP7b2e66GoHZLhyHxbUzcK-i6LFyZew10YPydUWi2j-aaG3j9u4/s320/300x100.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e388c7761514731a36e1ab9a7e8aa5c49df471b0e9c0f65d15a8148d4851e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v2e3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 952199
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGIMs9sR-Rl62JBoVjRbTrvnRnIK90WlzxixmudkplQVp0wO4EhCI9zSZ8Y_lRaqW4ZoNLLxfmueoffn0lsCoIcFij4VDl1BWC3PivYyTuncY0m4k3TG8lnddf3SmsAph3yS2oQd7bliVZi0j9... Frame 0B23 2 MB
2 MB 574ms
478ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGIMs9sR-Rl62JBoVjRbTrvnRnIK90WlzxixmudkplQVp0wO4EhCI9zSZ8Y_lRaqW4ZoNLLxfmueoffn0lsCoIcFij4VDl1BWC3PivYyTuncY0m4k3TG8lnddf3SmsAph3yS2oQd7bliVZi0j9RRAHmNjXUcJ0U2lzZ7JOwYN61-ohSwgDhj9wGyP_y2E/s320/300x100.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64fd1204c189930ef8a54e09de921f8f046872971b0e0b7b329d0c42c4919818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v2f1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1763844
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6l1jmqzkm8jnQIxYsM6l5rioUk4r5TN2DtVnTpkfiJF-Xrz5ch3LnMAjW3Ecy9Z16shvFcRaIi1cw_PKa31cIDpguxjPvSuoXI5clbYY6wqKEjs2sxs26GtACwQPSQWzTWOObq8W6Y1B6Xqgb... Frame 0B23 260 KB
260 KB 553ms
458ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6l1jmqzkm8jnQIxYsM6l5rioUk4r5TN2DtVnTpkfiJF-Xrz5ch3LnMAjW3Ecy9Z16shvFcRaIi1cw_PKa31cIDpguxjPvSuoXI5clbYY6wqKEjs2sxs26GtACwQPSQWzTWOObq8W6Y1B6XqgbMf20PIPLBYd15nU0wbDs5aHd3gNp9XUwTRQTfQhG/s320/300x100.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

77c8c428b25816ab921ae06cd4aadc4a6a39d2c994769e3ee3cf9a90bf763622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v26d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265813
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 %EC%84%B1%EC%9D%B8.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYriGnsSj9mWHGK97oshj_Qv-Y75zVn1e6hMVBoRyIAlmRUhfKX7lgUW5ggIu3KQ9lPMVPnnqGdYMU3kRpqERfxu4QS8QpkYOp1CyoHjngTcbrlweRi4HpLvT_JR8UBKeZGKw6yCwWw7evT3Ao... Frame 0B23 17 KB
17 KB 595ms
501ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYriGnsSj9mWHGK97oshj_Qv-Y75zVn1e6hMVBoRyIAlmRUhfKX7lgUW5ggIu3KQ9lPMVPnnqGdYMU3kRpqERfxu4QS8QpkYOp1CyoHjngTcbrlweRi4HpLvT_JR8UBKeZGKw6yCwWw7evT3Aod1eC4Cuaq2WWTTMPLisx502E9gqvRLHD2U2Woa0kF5I/s320/%EC%84%B1%EC%9D%B8.jpg

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

be25727312aacf5afac204a449cc3ceee5fcc34704f79e8705e54271e80ac81b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v302"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="__.jpg";filename*=UTF-8''%EC%84%B1%EC%9D%B8.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17355
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 1230%20300%20100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHySUydSppGSoo0gUS1DLXpiISTT3RmXwKSsprVDDe6a32_pTgYwLRX0gimw9sSZYCpGNrkkGPrRnIRSi1YkJLGAHEzbwm0qhfvHzTb-NovOAKKBY8v6D52dci4CNOsO1F4_z5eyw1EMk_OX1R... Frame 0B23 301 KB
302 KB 559ms
465ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHySUydSppGSoo0gUS1DLXpiISTT3RmXwKSsprVDDe6a32_pTgYwLRX0gimw9sSZYCpGNrkkGPrRnIRSi1YkJLGAHEzbwm0qhfvHzTb-NovOAKKBY8v6D52dci4CNOsO1F4_z5eyw1EMk_OX1RnBONK9uDKwlGln0oJY-RaCLOrh9DZt3KljN38CWjGk4/s320/1230%20300%20100.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1155765092453feba4ad64a2bf06cb65ea11a5614312d915b183d25331b83914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v2f4"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1230 300 100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 308472
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 powerslot.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfawHo_476Mrpv3UINqiYFVk-xrmKeNxqWT4MlJDPd2u0lr0Hb76cZM_3sgDvM24nBsCGChbYzwGRM7bwIA-IsvOKAVKKNBNhdVDffilSzfylfR39KIDhcw5y_VBwA8c1ZhKYtUfThpaDGbFYd... Frame 0B23 324 KB
324 KB 672ms
578ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfawHo_476Mrpv3UINqiYFVk-xrmKeNxqWT4MlJDPd2u0lr0Hb76cZM_3sgDvM24nBsCGChbYzwGRM7bwIA-IsvOKAVKKNBNhdVDffilSzfylfR39KIDhcw5y_VBwA8c1ZhKYtUfThpaDGbFYd6-ZP67Zos1cHs3bEeUKwqcjXaG6WpL_2a_5LQsfA/s320/powerslot.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

84e26b45724a987d0a20ad03724e1362c201537df60affbea16d9cfde26801cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v293"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="powerslot.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331931
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 35b71b4338dcde818df7e26ae46b94bc.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0o6DhkURvPHBdy0pxPbpUy10fAwu4FrRGhzSnIjqHqtrtWkYmYypWeT0GAgECv4l46WX66U4zDbttAFiHVaXFI5NxrPNs5v1R6-fa2luu_QfzqFUM14QTNsdpjw_lI9RmNqiPxt_CXD_8DGEh... Frame 0B23 369 KB
370 KB 291ms
210ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0o6DhkURvPHBdy0pxPbpUy10fAwu4FrRGhzSnIjqHqtrtWkYmYypWeT0GAgECv4l46WX66U4zDbttAFiHVaXFI5NxrPNs5v1R6-fa2luu_QfzqFUM14QTNsdpjw_lI9RmNqiPxt_CXD_8DGEhG54a4nQap7xtFZp07n3jSrBKsX0JPHnIYh7JTowW/s320/35b71b4338dcde818df7e26ae46b94bc.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8a1b584da96c880bab24c262675518a0561fbedbf0f82a47da70b5011e0d9bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v30"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="35b71b4338dcde818df7e26ae46b94bc.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 378329
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 4391fa3a303ded038cbd0a8758e7e3b4.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjG8vzT3ctFOoZuAhMtLZ9q6nxotHa1RpbHLdEBFI63leBfNXwKLl2YrJiSnTtpMH4JTgEuAuRy3UrMaFOCAe3LUPetvUnGxvtitj62mmLpQaNAmjuIXU_AjX4LutDEB27usDfnXHM--7ceqvsC... Frame 0B23 135 KB
135 KB 607ms
526ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjG8vzT3ctFOoZuAhMtLZ9q6nxotHa1RpbHLdEBFI63leBfNXwKLl2YrJiSnTtpMH4JTgEuAuRy3UrMaFOCAe3LUPetvUnGxvtitj62mmLpQaNAmjuIXU_AjX4LutDEB27usDfnXHM--7ceqvsCriCUPL97yWXm_QEqdvT65j3PFSkxnYwjLOXsY47F/s320/4391fa3a303ded038cbd0a8758e7e3b4.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

93420135323b71e1fab7a208ae18008c7a2d41db2bcfb48fd5af48e8e49d49e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4391fa3a303ded038cbd0a8758e7e3b4.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138158
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300_100%20%EC%BD%94%EB%93%9C%208888.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxjamoeFXlIzZkN5JCmgFofC_5g35S994zSpu4w-ozBjOIwiWr0FX3JB5E0qjBSksp9hhGCfL4uXR3xoYgZn5P4bJ4tC-eOEVL2R3wMdqoPldvi9UYoHhQPlpOGgme-X_rgjvIY9eeFSSq9fnB... Frame 0B23 504 KB
504 KB 517ms
435ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxjamoeFXlIzZkN5JCmgFofC_5g35S994zSpu4w-ozBjOIwiWr0FX3JB5E0qjBSksp9hhGCfL4uXR3xoYgZn5P4bJ4tC-eOEVL2R3wMdqoPldvi9UYoHhQPlpOGgme-X_rgjvIY9eeFSSq9fnBaLpBhWCom9G05YfiOkxI5r2-WFyvkLyGwoQckrHe3_s/s320/300_100%20%EC%BD%94%EB%93%9C%208888.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4942ae5a42e277024bbff166b9cdfaa46ea53a6444c479751c945290b33fd40b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v2ef"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300_100 __ 8888.gif";filename*=UTF-8''300_100%20%EC%BD%94%EB%93%9C%208888.gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 516147
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300X100-5677.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsh_XVH7B_wTjypCw6R6yRbzjNdi3MDawWZpYoACG7-PFPiU4pANWwsvI1gAks-P3HW4wR2n-WJbg8PPQHi_4GELJjbGkgXkSr7UJyFAkBVbjY_xf7KBW3RaFuXTigZxZcCNH_J65oTWOhb9Ot... Frame 0B23 271 KB
272 KB 583ms
502ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsh_XVH7B_wTjypCw6R6yRbzjNdi3MDawWZpYoACG7-PFPiU4pANWwsvI1gAks-P3HW4wR2n-WJbg8PPQHi_4GELJjbGkgXkSr7UJyFAkBVbjY_xf7KBW3RaFuXTigZxZcCNH_J65oTWOhb9OtKMoSBW8uDUkiDSgVUkzlmf5_t-v5wp5ZsGrbKCtN/s320/300X100-5677.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ab1cfdfcb9bcb9c7cb6c67ecda9dcfc4557722c901f7332d73997d0bf38811e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v137"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300X100-5677.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 277946
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100-3382-124.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcA_AbyL2L7AV96xXL_oURVv2i5ZQaxPN7IHFtreQoz_DVqZ-zjbBnIaQ1RP_YNnBe3nctciiRr3gTC7mfufUut0T3htQCmS2Z6D17IffhGS7XcOy_WkquiQNU8FNef0E_BTslIxnuEzn0kXCI... Frame 0B23 31 KB
32 KB 546ms
463ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcA_AbyL2L7AV96xXL_oURVv2i5ZQaxPN7IHFtreQoz_DVqZ-zjbBnIaQ1RP_YNnBe3nctciiRr3gTC7mfufUut0T3htQCmS2Z6D17IffhGS7XcOy_WkquiQNU8FNef0E_BTslIxnuEzn0kXCIoaPKbKyXk4YrXtyf6zODOfD_ORnGwstC-53EfU2f/s320/300x100-3382-124.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7cccc2fa3a8bbdfa914533543ca4f8d87ce2ef32f72609c40e7badc56a3d12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v219"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100-3382-124.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32252
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100-%EC%BD%94%EB%93%9C-TVU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgatW-ksZ2nk6cr2nEbvUE2_okm9CnPbvGglJCoU7kmdvK4M22TfJnp2XJymqF1dIcoOBnCxZe5YYGJYpNLPKv8bgGy20gWM5mLAk3_EniVY5amDThnA9DLQoyA9DDdZhdqTMWdcTHuWn8KJ3D... Frame 0B23 213 KB
214 KB 659ms
578ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgatW-ksZ2nk6cr2nEbvUE2_okm9CnPbvGglJCoU7kmdvK4M22TfJnp2XJymqF1dIcoOBnCxZe5YYGJYpNLPKv8bgGy20gWM5mLAk3_EniVY5amDThnA9DLQoyA9DDdZhdqTMWdcTHuWn8KJ3D3VPnhTG6csNYIt-EETpHZ6ft-eM6y4ZCu3_cLwr6ftU/s320/300x100-%EC%BD%94%EB%93%9C-TVU.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ff4e92561c7b35e571a58abe964d8692ece9dc22cbd2a763beb9744983567eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v2fd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100-__-TVU.gif";filename*=UTF-8''300x100-%EC%BD%94%EB%93%9C-TVU.gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218371
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 a8c9306c96024521c2e9fc30fa13f366.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjikrfE9a5bDuxZPOahpHVLea3jpMc-yNGrz0GpyhbD7xMGTDhaZN5yin94ThQ6i1zxflLkpXDrsrbQiRZuR39_lwAJXNh5_UUxeRjeF5sfl9Jq_snhHk6ZXsNUBuU2QxBEZYJFilO2AROwwung... Frame 0B23 123 KB
123 KB 555ms
474ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjikrfE9a5bDuxZPOahpHVLea3jpMc-yNGrz0GpyhbD7xMGTDhaZN5yin94ThQ6i1zxflLkpXDrsrbQiRZuR39_lwAJXNh5_UUxeRjeF5sfl9Jq_snhHk6ZXsNUBuU2QxBEZYJFilO2AROwwung0ft8RAVjtzxkxCY7wEW5cWPwmxbUmHcUaWnZcIEG/s320/a8c9306c96024521c2e9fc30fa13f366.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3cc98b5c92e83f0eb1000872f79fc6044d517e90530f4ee1e95874ea69a97d31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v37"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="a8c9306c96024521c2e9fc30fa13f366.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125654
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100-5858.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6L6iPf7ZA098doKTA7qkf8Z_NSDXYd9Jwk-nUmPnxZCv58tQyRyYr1d98olcoBaGxhPuj5a8IZHLSbkUX5zeP-9Ry4AdIS0lxxGEd3T1pEshg7T_jAiEPRzo5kyFOc44M3mqnIUogDrHkkLtB... Frame 0B23 512 KB
513 KB 564ms
482ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6L6iPf7ZA098doKTA7qkf8Z_NSDXYd9Jwk-nUmPnxZCv58tQyRyYr1d98olcoBaGxhPuj5a8IZHLSbkUX5zeP-9Ry4AdIS0lxxGEd3T1pEshg7T_jAiEPRzo5kyFOc44M3mqnIUogDrHkkLtBHdbGOb5Q8U996rgs4guISUa_JhGegSJvbrikc5-8/s320/300x100-5858.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5f459486bb11ff7f772676fa6e53244888f2243b0b8b31b23eb5253db605a77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "vaf"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100-5858.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 524618
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100-5882.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7KcT08sioa_JWuBbJsLhiBV2LgVI9stuFNh_PGSSSoibXNLgcjxx4Z-fZKtI5u2rO6NwZXKGn04OkbnX2F5juuQ5_5723djTJC2riuYeAgrRfU_moEA4rMINlm8ccaJsqyi-F_TcKMUubCUoz... Frame 0B23 234 KB
234 KB 664ms
583ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7KcT08sioa_JWuBbJsLhiBV2LgVI9stuFNh_PGSSSoibXNLgcjxx4Z-fZKtI5u2rO6NwZXKGn04OkbnX2F5juuQ5_5723djTJC2riuYeAgrRfU_moEA4rMINlm8ccaJsqyi-F_TcKMUubCUoz39nz7SJiGdYgPtnp6g8c_jzhKY-YcBqMzfFoE3M1/s320/300x100-5882.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dff8e5618e6d72c53a64c660af480ea7dab14ab27491487cd34f6a12e80bca89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v115"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100-5882.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239570
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpQBOtFJMdBzBeO6svUJBjTFjjH-irk9bb_nvDSyPVVXjnvSeYv_Dn_mcdBVXippcJIj6d59MybbXmnc8cs0BUh9oujYEO6_XTZqCsVhiS5v1pD4vXI0R0v8fUk0A9IFwS8Utf7PgYftPdWlTY... Frame 0B23 249 KB
249 KB 500ms
418ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpQBOtFJMdBzBeO6svUJBjTFjjH-irk9bb_nvDSyPVVXjnvSeYv_Dn_mcdBVXippcJIj6d59MybbXmnc8cs0BUh9oujYEO6_XTZqCsVhiS5v1pD4vXI0R0v8fUk0A9IFwS8Utf7PgYftPdWlTYHs27wwyZEkBECeQMV0vjetjMQRo_-a8Vu-njSdixPTU/s320/300x100.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

08cff6617d381a5be6fa4ebe95a27dfd1e4c832af0b6e66553fab24033aee06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v2b4"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255134
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 300-100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnFcrKDX7OoBjvTQ-J4LqAyz5Fo77U3EEJJsB2lp-q5eb8feStCFrk5xvd14zmAi3CbkYrE4lGg8Csuasdz2IheXuztkLs4JHYRuLGs6pLtNgk-P-izpwCKzUGjgZACFx1CZR_r9cNGdBrcvV6... Frame 0B23 46 KB
46 KB 510ms
428ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnFcrKDX7OoBjvTQ-J4LqAyz5Fo77U3EEJJsB2lp-q5eb8feStCFrk5xvd14zmAi3CbkYrE4lGg8Csuasdz2IheXuztkLs4JHYRuLGs6pLtNgk-P-izpwCKzUGjgZACFx1CZR_r9cNGdBrcvV6L1j0zv_LVSZPvcpRDp7g-sJGlol-rvadR4yMNNB6xKg/s320/300-100.gif

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fc597e0c19ae557bacda9d94c2daffb4fd66fdc96b63162698a6acbbba697434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v306"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="300-100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46692
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 abde941e002338b825a205db714427e5.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKrPLcVXI16cwN3Nyms17pN0uwoKMwvwBK6SYpeKMfvT1Se18YL5QVc99x_xyUhynfCYHZSeOePg6w93w3RiDZ_MLO9mSXD767ufswH0iYaki9LlhQAs7ktMHxRT6H4JfaMLzui0w_j9bxy02d... Frame 0B23 10 KB
10 KB 489ms
406ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKrPLcVXI16cwN3Nyms17pN0uwoKMwvwBK6SYpeKMfvT1Se18YL5QVc99x_xyUhynfCYHZSeOePg6w93w3RiDZ_MLO9mSXD767ufswH0iYaki9LlhQAs7ktMHxRT6H4JfaMLzui0w_j9bxy02d4xabrtXWknnFWGu781snz6sqLgFMd6Ez8ddWRmsP/w945-h600-p-k-no-nu/abde941e002338b825a205db714427e5.png

Requested by

Host: lamosta.com
URL: https://lamosta.com/banner1.php?site=haruyadong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c68ecb68aff954decdb697db5b615bb7ccf4e2c4d1840fa0276640d8dd63ce19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lamosta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v28"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="abde941e002338b825a205db714427e5.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10169
x-xss-protection: 0
expires: Thu, 23 Nov 2023 14:58:33 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 187ms
66ms Script
text/javascript 13.224.214.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-114.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:39:02 GMT
content-encoding: gzip
via: 1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 27377
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: -9HC7WWURL0ty0ajZLdT6asOHIC0dsxqv2pNeSG3vGsNBwcS3A2eDQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
602 B 147ms
80ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=4C301700665113A625D00D58923DD680&nid=0&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fh13.haruyd.vip%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fh13.haruyd.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-t: 1.53
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFXDcUXO%2FZ1klTM%2F750b2iImAE63whtfvp1FIiyoZsLN2NgOgDaIIS7YEK0Z9InufdWspeBQcxLScUX0qzlIucnvaes%2BI%2BBiSb%2Blzti9mq%2BzwpBFXWRaE2tDNC0U9rECXm9YkM%2FYUK2vUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 82a207febfdadb01-MIA
expires: Wed, 22 Nov 2023 15:02:13 GMT

GET
H2

200

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=4C301700665113A625D00D58923DD680
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=555144ee63f95089

62 B
429 B

157ms
129ms

Image
image/gif

23.219.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=555144ee63f95089
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Server: 23.219.8.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 22 Nov 2023 14:58:34 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=555144ee63f95089
content-length: 0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
961 B 223ms
86ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
via: 1.1 eb8674b99d3dfcc6867fb20af353442a.cloudfront.net (CloudFront), 1.1 f300b5f0c0ff51593fb31953294424c0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
x-amzn-requestid: e0abc300-b78e-4501-a752-810275e7e4c2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: OziMCH-tiYcEEiw=
content-length: 555
x-amz-cf-id: Fc8a709aYLIdwFps-urAzFhfaJN8_rw64E7aYuRiM33CtvH3Fv8dTQ==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 216ms
55ms Script
application/javascript 23.205.106.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.16478517576601326&stid=ZGcABmVeFxkAAAAIIdEwAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.83 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd2835bec13ba8e1426bbf51d0f23c56cd1b1ed9ebf4345895c4698a038a320c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Wed, 22 Nov 2023 15:58:33 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 61ms
61ms Image
image/gif 3.141.240.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fh13.haruyd.vip%2F&event_source=dtscout&rnd=0.16478517576601326&exptid=ZGcABmVeFxkAAAAIIdEwAw%3D%3D&fcmp=false

Requested by

Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-240-42.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 676E 2 KB
1 KB 51ms
51ms Document
text/html 23.205.106.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.16478517576601326&stid=ZGcABmVeFxkAAAAIIdEwAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.83 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://h13.haruyd.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Wed, 22 Nov 2023 14:58:33 GMT
Expires: Wed, 29 Nov 2023 14:58:33 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1258.23363/a/US/ Frame C832 19 KB
9 KB 55ms
55ms Script
text/javascript 23.205.106.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.83 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ff9e191df831efb966ff2d3cee87f2a51f1256c9bf0eeb0ef8b52262532f36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8732
Expires: Wed, 29 Nov 2023 14:58:33 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 7A69 438 B
675 B 61ms
61ms Script
application/javascript 3.141.240.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-240-42.us-east-2.compute.amazonaws.com

Software

Resource Hash

e5ef21431d51cba40b5b5ba854c5751bcf99fe8aee9e7cb83acd7d238a5b3142

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame C832
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=be680996-9c49-4418-ba1e-c046aefb5e5d&gdpr=0&gdpr_consent=

42 B
297 B

249ms
61ms

Image
image/gif

3.130.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=be680996-9c49-4418-ba1e-c046aefb5e5d&gdpr=0&gdpr_consent=

Requested by

Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/

Protocol

HTTP/1.1

Server

3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-50-49.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:34 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGcABmVeFxkAAAAIIdEwAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=be680996-9c49-4418-ba1e-c046aefb5e5d&gdpr=0&gdpr_consent=
date: Wed, 22 Nov 2023 14:58:33 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame C832
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGcABmVeFxkAAAAIIdEwAw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdjQUJtVmVGeGtBQUFBSUlkRXdBdz09EAAaDQiZrviqBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&rand=01456247
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&rand=01456247&expected_cookie=de825d8e-3a84-48ce-9399-55912553f94a

0
142 B

73ms
73ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&rand=01456247&expected_cookie=de825d8e-3a84-48ce-9399-55912553f94a
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 64FCD06316BC4059AFDCE585FA559802 Ref B: MIAEDGE1521 Ref C: 2023-11-22T14:58:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKvvQFpw/PzMbowRrKYw==

Redirect headers

date: Wed, 22 Nov 2023 14:58:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D406F4E8712D47F3B8903F1BFB0B32B9 Ref B: MIAEDGE1521 Ref C: 2023-11-22T14:58:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=10339&puuid=51a79032b8ac5b84ffb92d7cb1e0cabdee2fca07d8566d72d0d7d8632c019ac9791426b5417dce21&rand=01456247&expected_cookie=de825d8e-3a84-48ce-9399-55912553f94a
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKvvQD2cFm+WV2ht9BEg==

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame C832
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2KuXwfnAq6IZLG6UPT64UXFj2w_tv6ytmMmtaocwioSY&gdpr=0&gdpr_consent=

42 B
297 B

236ms
60ms

Image
image/gif

3.130.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2KuXwfnAq6IZLG6UPT64UXFj2w_tv6ytmMmtaocwioSY&gdpr=0&gdpr_consent=

Requested by

Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/

Protocol

HTTP/1.1

Server

3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-50-49.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:34 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGcABmVeFxkAAAAIIdEwAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2KuXwfnAq6IZLG6UPT64UXFj2w_tv6ytmMmtaocwioSY&gdpr=0&gdpr_consent=
Date: Wed, 22 Nov 2023 14:58:34 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame C832
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGcABmVeFxkAAAAIIdEwAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3640118655701745715
https://ml314.com/csync.ashx?fp=e42f64429565ad8df5db502ffd7451d2747d1e5b5cbfc88016d4e6796f44819df4cb09cee1a4f8eb&person_id=3640118655701745715&eid=50082

43 B
125 B

83ms
83ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=e42f64429565ad8df5db502ffd7451d2747d1e5b5cbfc88016d4e6796f44819df4cb09cee1a4f8eb&person_id=3640118655701745715&eid=50082
Requested by: Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 23 Nov 2023 14:58:34 GMT
date: Wed, 22 Nov 2023 14:58:34 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Wed, 22 Nov 2023 14:58:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=e42f64429565ad8df5db502ffd7451d2747d1e5b5cbfc88016d4e6796f44819df4cb09cee1a4f8eb&person_id=3640118655701745715&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame C832
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGcABmVeFxkAAAAIIdEwAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

239ms
60ms

Image
image/gif

3.130.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: h13.haruyd.vip
URL: https://h13.haruyd.vip/

Protocol

HTTP/1.1

Server

3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-50-49.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:58:34 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGcABmVeFxkAAAAIIdEwAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Wed, 22 Nov 2023 14:58:34 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 7A69 51 KB
16 KB 110ms
39ms Script
application/javascript 104.86.160.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.86.160.58 Miami, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-160-58.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 22 Nov 2023 14:58:33 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
x-akamai-ew-subworker: 8096267
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Wed, 29 Nov 2023 14:58:33 GMT

GET
H2 200 59574 Show response
stags.bluekai.com/site/ Frame 14E0 62 B
576 B 225ms
219ms Document
image/gif 23.219.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGcABmVeFxkAAAAIIdEwAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=12159456
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.8.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Wed, 22 Nov 2023 14:58:34 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
184 B 138ms
71ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=5fyevrod18&t=%ED%95%98%EB%A3%A8%EC%95%BC%EB%8F%99%20-%20%EB%AC%B4%EB%A3%8C%20%EC%84%B1%EC%9D%B8%EC%BB%A4%EB%AE%A4%EB%8B%88%ED%8B%B0&c=s&x=https%3A%2F%2Fh13.haruyd.vip%2F&y=&a=0&d=3.26&v=27&r=5321
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142535a725b2e60cd6f1e808a7d561faacb16b55bedc37d543a0c721e8274316

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82a20803383d74ac-MIA
content-type: text/javascript;charset=UTF-8

GET
H2 200 tc.js Show response
cdn.tynt.com/ 26 KB
9 KB 106ms
39ms Script
application/javascript 104.18.34.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 14:58:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
age: 182497
etag: W/"651ed192-66a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 82a208041f758d9d-MIA
expires: Sat, 25 Nov 2023 14:58:34 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 228ms
110ms XHR
application/json 13.224.214.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-114.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://h13.haruyd.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 14:58:35 GMT
content-encoding: gzip
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: ODQC8qb1asDObwyVMQUngapKNVkau-IjjPxY_AinwovV_wsROJpnhw==

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 188ms
62ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!5fyevrod18&lm=0&ts=1700665114333&dn=TC&iso=0&pu=https%3A%2F%2Fh13.haruyd.vip%2F&t=%ED%95%98%EB%A3%A8%EC%95%BC%EB%8F%99%20-%20%EB%AC%B4%EB%A3%8C%20%EC%84%B1%EC%9D%B8%EC%BB%A4%EB%AE%A4%EB%8B%88%ED%8B%B0&chmob=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 22 Nov 2023 14:58:34 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 182ms
56ms XHR
application/json 3.215.27.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.27.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-27-95.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a9395c92b76f49dc29bef7bb3bb1f2b800f28801f05949a5881a28c1a96739f9

Request headers

Referer: https://h13.haruyd.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 14:58:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://h13.haruyd.vip
cache-control: no-cache
x-server: 10.40.5.17
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 60ms
60ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!5fyevrod18&lm=0&ts=1700665114333&dn=TC&iso=0&pu=https%3A%2F%2Fh13.haruyd.vip%2F&t=%ED%95%98%EB%A3%A8%EC%95%BC%EB%8F%99%20-%20%EB%AC%B4%EB%A3%8C%20%EC%84%B1%EC%9D%B8%EC%BB%A4%EB%AE%A4%EB%8B%88%ED%8B%B0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 22 Nov 2023 14:58:34 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 189ms
61ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!5fyevrod18&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fh13.haruyd.vip%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Wed, 22 Nov 2023 14:58:33 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Thu, 23 Nov 2023 14:58:34 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 61ms
61ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!5fyevrod18&lm=0&ts=1700665114333&dn=TC&iso=0&pu=https%3A%2F%2Fh13.haruyd.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 22 Nov 2023 14:58:34 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 61ms
60ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!5fyevrod18&lm=0&ts=1700665114333&dn=TC&iso=0&pu=https%3A%2F%2Fh13.haruyd.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 22 Nov 2023 14:58:34 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 60ms
60ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!5fyevrod18&lm=0&ts=1700665114333&dn=TC&iso=0&pu=https%3A%2F%2Fh13.haruyd.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h13.haruyd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 22 Nov 2023 14:58:34 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame C832 0
289 B 52ms
51ms Image
text/plain 23.205.106.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGcABmVeFxkAAAAIIdEwAw%253D%253D&tt=t.dhj&dhjLcy=1700665113638&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1258.23363&ell=d&cck=__stid&dmn=h13.haruyd.vip&pn=%2F&qs=na&rdn=h13.haruyd.vip&rpn=%2F&rqs=na&cc=US&cont=NA&evid=vyji3vYA8hdvYNg-h7H-&urls=!1!472!b-13j,!0!608!b-13l,!1!534!b-14s,!1!0!b-14t,!1!345!b-150,!1!499!b-16f&rnd=1700665116787&cid=c010&version=1.1258.23363&cc=US&cont=NA&cls=C&repeat=0&htmLcy=58

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.83 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 14:58:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Wed, 22 Nov 2023 14:58:36 GMT

Verdicts & Comments Add Verdict or Comment

377 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
h13.haruyd.vip/	1969-12-31 23:59:59	Name: PHPSESSID Value: ts9sg86d50qpl2ied9hfcefq25
h13.haruyd.vip/	1969-12-31 23:59:59	Name: mobile Value: false
h13.haruyd.vip/	1969-12-31 23:59:59	Name: user-agent Value: 1b7de7e82db1163ab7a1342e5def95a8
.haruyd.vip/	1970-01-21 02:00:25	Name: _ga_1G5H7W94B1 Value: GS1.1.1700665113.1.0.1700665113.0.0.0
.haruyd.vip/	1970-01-21 02:00:25	Name: _ga Value: GA1.1.1185986563.1700665113
.dtscout.com/	1970-01-20 16:24:30	Name: m Value: 1
.dtscout.com/	1970-01-20 16:24:28	Name: st Value: 1
.dtscout.com/	1970-01-20 16:24:39	Name: oa Value: 1
.dtscout.com/	1970-01-20 18:48:25	Name: df Value: 1700665113
.dtscout.com/	1970-01-20 18:32:34	Name: l Value: 4C301700665113A625D00D58923DD680
.haruyd.vip/	1970-01-21 02:00:25	Name: _ga_J17DZK1R68 Value: GS1.1.1700665113.1.0.1700665113.0.0.0
.haruyd.vip/	1970-01-20 18:29:41	Name: __dtsu Value: 4C301700665113A625D00D58923DD680
.sharethis.com/	1970-01-21 01:11:27	Name: __stid Value: ZGcABmVeFxkAAAAIIdEwAw==
.sharethis.com/	1970-01-21 01:11:27	Name: __stidv Value: 2
.dtscdn.com/	1970-01-20 20:42:10	Name: uid Value: 4C301700665113A625D00D58923DD680
.haruyd.vip/	1970-01-20 16:24:25	Name: lotame_domain_check Value: haruyd.vip
.onaudience.com/	1970-01-21 01:10:01	Name: cookie Value: 94d0732d18740af5
.onaudience.com/	1970-01-20 16:25:51	Name: done_redirects109 Value: 1
.t.sharethis.com/	1970-01-20 16:44:34	Name: pxcelPage_default_c010_C Value: 1_0_1700665113787
.rlcdn.com/	1970-01-21 01:10:01	Name: rlas3 Value: m9zkVhXZYKfhttKl3Ie4mMwgyYEd9tw05cZ3PGim1gY=
.ml314.com/	1970-01-21 01:11:27	Name: pi Value: 3640118655701745715
.adsrvr.org/	1970-01-21 01:11:27	Name: TDID Value: be680996-9c49-4418-ba1e-c046aefb5e5d
.adsrvr.org/	1970-01-21 01:11:27	Name: TDCPM Value: CAEYBSABKAIyCwiE78asx921PBAFOAE.
.rlcdn.com/	1970-01-20 17:50:49	Name: pxrc Value: CJmu+KoGEgUI204QAA==
.eyeota.net/	1970-01-21 01:11:27	Name: mako_uid Value: 18bf78a3d84-61080000010a5e98
.eyeota.net/	1970-01-20 16:24:25	Name: SERVERID Value: 24216~DM
.pippio.com/	1970-01-21 01:10:01	Name: did Value: eY_5XtOH5GSA8fp3
.pippio.com/	1970-01-21 01:10:01	Name: didts Value: 1700665114
.pippio.com/	1970-01-20 17:50:49	Name: nnls Value:
.pippio.com/	1970-01-20 17:50:49	Name: pxrc Value: CJqu+KoGEgYIgr0rEAA=
.bluekai.com/	1970-01-20 20:46:29	Name: bku Value: +rQ99OGUUZVumc9j
.bluekai.com/	1970-01-20 20:46:29	Name: bkpa Value: KJ0XMAamhu9DHP4pmrxUl34S9EWGRgGOO68/ouuxQMqy6goXDIw9r/9dwe4l8+hnuhxrzoHlNTzSuWD3r5+iIiYPaAep2rnNRlAB2ZFPVr+oVoTw4x9SxwwqzI825KLdli3QiDHq92xQn9Cng1V8OG3o142jxBM8EOtnP9e+cLTJjNp/K0RxOyxhIJXEFr42YqAOZ3Kdt7yE0y8GAccsI0b7AAMJgiGrrO0FzFQK9s1KRx/=
.linkedin.com/	1970-01-20 18:34:01	Name: li_sugr Value: de825d8e-3a84-48ce-9399-55912553f94a
.linkedin.com/	1970-01-21 01:10:01	Name: bcookie Value: "v=2&b9a5ac2c-0e63-4195-88c9-8cc2bfe65eb4"
.linkedin.com/	1970-01-20 16:25:51	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3063:u=1:x=1:i=1700665114:t=1700751514:v=2:sig=AQGCRN6cQaiwYV-s0vBLSsGvYw1swOPy"
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 53

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
blogger.googleusercontent.com
cdn.tynt.com
de.tynt.com
dtsedge.com
get.s-onetag.com
h13.haruyd.vip
ic.tynt.com
idsync.rlcdn.com
lamosta.com
match.adsrvr.org
ml314.com
onetag-geo.s-onetag.com
pd.sharethis.com
pippio.com
pixel.onaudience.com
ps.eyeota.net
px.ads.linkedin.com
stags.bluekai.com
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
waust.at
whos.amung.us
www.google-analytics.com
www.googletagmanager.com
104.18.34.83
104.86.160.58
107.178.254.65
13.224.214.114
13.224.214.27
141.94.170.77
18.238.4.90
2001:4860:4802:38::178
23.205.106.83
23.219.8.236
2606:4700:10::6816:4bab
2606:4700:20::681a:407
2606:4700:20::681a:c3c
2606:4700:21::8d65:780b
2606:4700:3030::ac43:9dc8
2606:4700:3036::6815:67a
2606:4700:3036::ac43:9386
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::84
2620:1ec:21::14
3.130.50.49
3.141.240.42
3.215.27.95
34.117.77.79
35.244.154.8
35.71.131.137
50.16.174.192
67.202.105.31
67.202.105.32
01bc09e5e7a191610e162b11657838453a98054190d188059c45b1dd2188a214
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
08cff6617d381a5be6fa4ebe95a27dfd1e4c832af0b6e66553fab24033aee06d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b9ee770f950e4f220deb9541b385c3f376f109e7875c311ce9ccd98f92b0233
1155765092453feba4ad64a2bf06cb65ea11a5614312d915b183d25331b83914
11f43c0c73c1e07344fdde995323cd7acd1ba7c423811598a72cbca558ece3bf
142535a725b2e60cd6f1e808a7d561faacb16b55bedc37d543a0c721e8274316
1a54a83d135f5286df8694967f2c9b7f9a6f403aefe4edd4f3c77979995f756f
1e388c7761514731a36e1ab9a7e8aa5c49df471b0e9c0f65d15a8148d4851e5c
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
232e69cab1fd32cb4632bbb0a9fd7b42e0571ff5b8f0c8875d9ada207a94dda4
240f1943506b007989847f857167e55f87867e393ff754fc820fbac0ef3caf58
251c625f225116889669b9b443bf613113315aebb6deb76914a04474fdf8739e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
29aba1b2b8ca9bc47045928087c04183a22ade998f386b4712077b1c9900910e
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
31cff4881f5fa09832e14136505ca38422c458783e90d0e79d5b6637403d7dcd
338d906f758dd4c983424a7c2400d8189d21331a857a999bc1d9f46aac9db0ac
363378239ffe46b0a34723e8a43836f81375a54020240faf51113298d2dd69b8
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3cc98b5c92e83f0eb1000872f79fc6044d517e90530f4ee1e95874ea69a97d31
44fa8cbfb7ef581e4acd1f4bd6cede01a0bda644b0e7779b7940d3d0c05b4834
47108eb68fad07f3e1cdc5063815f3d71cafca9e478cd373eeab8b6447306ee0
475c8aab9734fadbe36b52ec10992ddddbb4ad0f3a438765d3bc8303ad337aaa
4942ae5a42e277024bbff166b9cdfaa46ea53a6444c479751c945290b33fd40b
4cd3b8f5f7b4e5eb7dc79dc2fbd8b6179d9aac7f866e579cca4151034369063d
4eac51ec3996dcd4f8607159dd1c6368cf881b0c293a4ba1e5e83a47646b4392
4ef6fd189ffb6e8aeec5d40a0698b32b273395910081f1ff1d9d482a373a80b5
52b43bba5de3d685f26371ff13c9ae049b271d6bae7387fc9818d34f78df3ce2
537b84f5c05346dca1ef2230104ff850be0477d00d44c9fdbdac39512c95a497
5516b59d698f952e9e6f3bf95f8549a20431ccf97fa293275c512a1225ae89e1
55bc954384a2e66cb5f5df0cd443cd3cbeff69b529c69a99a7b67fe32c37b1c9
5f459486bb11ff7f772676fa6e53244888f2243b0b8b31b23eb5253db605a77e
61657e9384f4fa1048a5599fd6503195b583d7e9130f92d5a3d85b3dedbae62f
61d4ed9f30fb61a9505d42ebc32b36c75cebc97e76eeaee994add782bb97f0dc
64fd1204c189930ef8a54e09de921f8f046872971b0e0b7b329d0c42c4919818
6c7e95865723058f0f9d0fc0332949965b113fa01053a9aec5633a79da62ccc8
6cfcf182e023b667e9d056a4b3ea48c214ae25c13700d3aff40bcdeba4829923
6d7e1de38454cb9c0ce4a1a057138b90fc06fa668655415ca1ac4f55753bc366
70a6fb30d4c6b6e39ca823cccb0aa23ad5c2f9275c1183b1054b68bd6e4f1a4f
739d1610c844b4188e560115724b9f86b2fba779de283b76e7c0eec1917bc48e
77c8c428b25816ab921ae06cd4aadc4a6a39d2c994769e3ee3cf9a90bf763622
77e8377769c060070b2a5f05da33962b7653f775609cb177491d6e77978ba769
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
84e26b45724a987d0a20ad03724e1362c201537df60affbea16d9cfde26801cb
86c03efd332164ec6963da8bb0725f6b42f7d910a41dc8ac3b1d60f46277819e
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89c106cc47f5e28199fa57c0c2f952a5989ce47aa0f08dd2c85a6bf265f82845
8a1b584da96c880bab24c262675518a0561fbedbf0f82a47da70b5011e0d9bc8
8ff9e191df831efb966ff2d3cee87f2a51f1256c9bf0eeb0ef8b52262532f36d
93420135323b71e1fab7a208ae18008c7a2d41db2bcfb48fd5af48e8e49d49e5
936a2ad83c68f2b01debb6d6cadd3eb0bb947c30eb34980e94842add13b66421
9697a0aff637e7e394bbdd1a9a4d98ad8f7511f4f08f085c49cd450e9aab4ac5
9a28e3dca0a120d1acf7f1fbd766c77e4e8bb00602fafe4fcbb938cac297607e
9ab1cfdfcb9bcb9c7cb6c67ecda9dcfc4557722c901f7332d73997d0bf38811e
9d4f4efea8b7f80695d75a3aed6887b5a8807a7cffbbe26f26ebde23f7af6a82
9df03994b49cfe95ae1c8a64f45d95760f95eb23b7b86b809c75473b6aa5a6ce
9ebf0d1b5e7d1d135f7a016eef7bbc3d00a978020168b15d6f020b60b490b928
a573f6d56b2208084961a919fc6d4bb4f0e64ad937c93b72dd050d43da8035bf
a5bb7e3567fc9063f54e3f158e5ed216c87e4217dbc5c53553fce6c00767c8d7
a9395c92b76f49dc29bef7bb3bb1f2b800f28801f05949a5881a28c1a96739f9
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
ad0c6d3ae66d21e0f6260783b2a59f457feef81c1dd14e41053b8fdb2aaf3244
ad86b1e58bdff0f6bb6676d27f6cfe989448d23c6fd10bcc19d2be92b9f7926c
aed972f348736612525583c3dd43095d763b9e661284c8d611f01aa63398899f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bbdb22a64fff07fc7523e7048ba386e0ecfdec535cefb21290c36d44bdab43
b1db0908a7b721682731a7c4d08a0184a2211b5d1bae859098b30602951ac464
b5bf3e8035d35911f9393b62a873897463a7180c01077cf16445d0d423651d75
be25727312aacf5afac204a449cc3ceee5fcc34704f79e8705e54271e80ac81b
c32c979160ae6bda6a5ba3be927b81fbf95812dc00915b31013c24ed619e823b
c45b9d8453f4ffb816997fbfdaaf55de83af5fec145311d45ddf01d64c801c4e
c68ecb68aff954decdb697db5b615bb7ccf4e2c4d1840fa0276640d8dd63ce19
c8975ceaebfa05793569965b48944d77fa94cf06c08304ecc57ca5d3f96e5e30
cd2835bec13ba8e1426bbf51d0f23c56cd1b1ed9ebf4345895c4698a038a320c
cf0b4baa89edf7f44bcfb453bb38970fb3ecd30e75011b8ca9f59cd676f1f7fb
cfe91c9c9f03b1355a8d6fc696f8db8449a17210baddec965c5a67af7bc618b1
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d556aca5fe37f603193157fc5a7b33e89035106850a92d2a7e7d4f32103b1e61
dbd0f2537c1f2a5f5d087e37b1e200e4c2c6a9dca869e4195ed4b8774381a863
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a
dfb7ffa882fde3a3ba6444313ff1cd3d9461e323f4754e17d96d3c5b8a617197
dff8e5618e6d72c53a64c660af480ea7dab14ab27491487cd34f6a12e80bca89
e2928f1dc55ab3a40d0007474e8281ddb3c7ff0f3ad1b0482cca50fd2f9fa889
e2dc83aaf6d46a227208ff62b74a16faa0d08a57da37fafca0e331013b7d33fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ef21431d51cba40b5b5ba854c5751bcf99fe8aee9e7cb83acd7d238a5b3142
e812c696e0559e67f9d26cf503091a323c716208a38602831e621cfd5a81b8ca
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a6a1032a4096378c138954fd2e6941a2dcd4b4cdaeddc5185db3a1655d35c1
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f7882c061727942e8105a570af4f2a091b64c61590be2184c993e99a721d9758
f7cccc2fa3a8bbdfa914533543ca4f8d87ce2ef32f72609c40e7badc56a3d12a
fa233a6e1c0a313e30da8a36c1d0636d08fe0d7d920b684bae9781496a5d6a70
fc597e0c19ae557bacda9d94c2daffb4fd66fdc96b63162698a6acbbba697434
fcf8d278f91f8bf55965083472f630b3ff4a679bfad090352f58729c9a0645ab
ff4e92561c7b35e571a58abe964d8692ece9dc22cbd2a763beb9744983567eee
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

h13.haruyd.vip Open in urlscan Pro 2606:4700:3036::6815:67a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

95 %HTTPS

38 %IPv6

23 Domains

30 Subdomains

25 IPs

3 Countries

8574 kBTransfer

9634 kBSize

36 Cookies

3 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

h13.haruyd.vip Open in urlscan Pro
2606:4700:3036::6815:67a Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

95 %
HTTPS

38 %
IPv6

23
Domains

30
Subdomains

25
IPs

3
Countries

8574 kB
Transfer

9634 kB
Size

36
Cookies

114 HTTP transactions
1 data transactions