URL: https://go299.el3bha.net/19844/
Submission Tags: falconsandbox
Submission: On November 26 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 14 domains to perform 82 HTTP transactions. The main IP is 2606:4700:3036::6815:4e6a, located in United States and belongs to CLOUDFLARENET, US. The main domain is go299.el3bha.net.
TLS certificate: Issued by WE1 on October 4th 2024. Valid for: 3 months.
This is the only time go299.el3bha.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
46 el3bha.net | go299.el3bha.net | 673 KB
5 outbrain.com | amplify.outbrain.com — Cisco Umbrella Rank: 3405; wave.outbrain.com — Cisco Umbrella Rank: 4277; tr.outbrain.com — Cisco Umbrella Rank: 3357 | 11 KB
5 tiktok.com | analytics.tiktok.com — Cisco Umbrella Rank: 799 | 139 KB
4 google.com | fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 | 130 KB
4 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 3353 |
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 7 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 323 KB
2 gstatic.com | fonts.gstatic.com | 84 KB
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 192 | 75 KB
2 doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 | 185 KB
1 googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 45 | 3 KB
1 facebook.com | www.facebook.com — Cisco Umbrella Rank: 120 |
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255 | 6 KB
0 el3bha.com Failed | el3bha.com Failed |
82 14

Domain | Requested by
46 go299.el3bha.net 2 redirects | go299.el3bha.net
5 analytics.tiktok.com | go299.el3bha.net; analytics.tiktok.com
4 fundingchoicesmessages.google.com | securepubads.g.doubleclick.net
4 region1.google-analytics.com | www.googletagmanager.com
3 fonts.googleapis.com | go299.el3bha.net
3 www.googletagmanager.com | go299.el3bha.net; www.googletagmanager.com
2 fonts.gstatic.com | fonts.googleapis.com; go299.el3bha.net
2 connect.facebook.net | go299.el3bha.net; connect.facebook.net
2 tr.outbrain.com | amplify.outbrain.com
2 amplify.outbrain.com | go299.el3bha.net; amplify.outbrain.com
2 securepubads.g.doubleclick.net | go299.el3bha.net; securepubads.g.doubleclick.net
1 lh3.googleusercontent.com | go299.el3bha.net
1 www.facebook.com | connect.facebook.net
1 wave.outbrain.com | amplify.outbrain.com
1 maxcdn.bootstrapcdn.com | go299.el3bha.net
0 el3bha.com Failed | go299.el3bha.net
82 16

This site contains links to these domains.

Domain
www.facebook.com
twitter.com

Subject | Issuer | Validity | Valid
el3bha.net | WE1 | 2024-10-04 - 2025-01-02 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-14 - 2024-12-14 | a year
bootstrapcdn.com | WE1 | 2024-11-18 - 2025-02-16 | 3 months
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-04 - 2024-12-03 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.googleusercontent.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 2 frames:

Primary Page: https://go299.el3bha.net/19844/
Frame ID: D33F1E53AE4FA560796FD0EB8D6FAB99
Requests: 80 HTTP requests in this frame

Frame: https://go299.el3bha.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: AED225AF104A56ECE216AABDE930E465
Requests: 2 HTTP requests in this frame

Page Title

What are your chances of getting the new BMW XM 2023?? Are you eligible for it!! - العبها

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

82
Requests

93 %
HTTPS

79 %
IPv6

14
Domains

16
Subdomains

15
IPs

2
Countries

1635 kB
Transfer

4934 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go299.el3bha.net/19844 HTTP 301
    https://go299.el3bha.net/19844/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://go299.el3bha.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://go299.el3bha.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
go299.el3bha.net/19844/
Redirect Chain
  • https://go299.el3bha.net/19844
  • https://go299.el3bha.net/19844/
187 KB
35 KB
Document
General
Full URL
https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769e3a2adeae5db36a17585ab10e0548aad47230f2e5e90f2897219b37437f47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
8e89d5846b67f14f-ORD
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 12:20:43 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://go299.el3bha.net/wp-json/>; rel="https://api.w.org/", <https://go299.el3bha.net/wp-json/wp/v2/posts/19844>; rel="alternate"; type="application/json", <https://go299.el3bha.net/?p=19844>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cb1j42FGILrHEA2m9oHAL%2BbIL4Oe%2BwdYehmgt%2ByFpaIsLQhppd5CUkhp6mUgP0iFdQdjdwhdGR2Jo28mQ0px31uRKfAz4U0Y10iLBk8e%2Fb0bRTvbJuia4UHWc0%2FGt8sKU0c6zMRpos8Uvc3MD2Rs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=111784&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4168&recv_bytes=4431&delivery_rate=213&cwnd=12000&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1241&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-microcachable
0
x-pingback
https://go299.el3bha.net/xmlrpc.php

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
8e89d581fabc5d8d-FRA
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 12:20:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://go299.el3bha.net/19844/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isj2Zr8K%2Fsly4gLu8Xq3ufoAJLU90KDIZgGk%2F3AgPj5Hi%2B3i4T%2F6pSXsoGiFhkrhG2%2BydUsmDXl5ijJIKSPzVqavzMyF7%2FZlAchNXaFAZg13QKADinYhKf5o4%2F7Z0PNg7J%2FGLTF2wt1SfgP752%2B0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=5821&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3945&recv_bytes=2295&delivery_rate=683127&cwnd=252&unsent_bytes=0&cid=92f2df4e4f694cd5&ts=340&x=0"
vary
Accept-Encoding
x-pingback
https://go299.el3bha.net/xmlrpc.php
x-proxy-cache
MISS
x-redirect-by
WordPress
js
www.googletagmanager.com/gtag/
326 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1091S15PKM
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efbc8898c1a98ff59db9c743c720413045e9b8bc6d5b8dda052c06d87c470bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 12:20:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110662
x-xss-protection
0
server
Google Tag Manager
gpt.js
securepubads.g.doubleclick.net/tag/js/
107 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d5a56833f4384023ecf9e40bd4299137ba1baf8be521e390de596af8d1412fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
br
etag
237 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 12:20:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33363
x-xss-protection
0
server
cafe
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100&display=swap
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a930f42eb98adae433c7c534e10a4069a363addb81526a28f2788e5b95e81627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 12:20:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 26 Nov 2024 12:06:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style-rtl.min.css
go299.el3bha.net/wp-includes/css/dist/block-library/
111 KB
20 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.5.3
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2e92c45a2c2768dc59e9e9d62582bcf44d2326a2b16072d9619a60af6a398a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HBI%2Byts%2BuWQj030SPbhI2e2anQXIk1pMuCJKfWdWGd01uocVNtjjIrJFGDt3mXD2gLTMVz8D6Wb4SxmDg7FlmRBhzP8l%2B0Ie5rOnsJH3UJsAOYP8Il6nXWOmQbo75U5m8quag7SzAgTcLYz6B1P"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58b6997f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118756&sent=71&recv=53&lost=0&retrans=0&sent_bytes=67591&recv_bytes=15717&delivery_rate=21308&cwnd=26400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1882&x=1", cfHdrFlush;dur=22
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Mon, 20 May 2024 19:28:33 GMT
vary
Accept-Encoding
server
cloudflare
be.css
go299.el3bha.net/wp-content/themes/betheme/css/
444 KB
101 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/css/be.css?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1282fe26117f3d0b5e1400906252e58a2ff379edf099b04eeed5015100ca395

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ltNu5ZqYkZLXGxwRpRu%2Bk5qzhHl6aN3Lsrlq8bpaLiaWq4AeoFzaO6aIQjgu9VqYkKWI4fDleIxWA%2BhGIya8SnIV9m5s%2BqKyQaJl637f42PkFjEm2tDaTsXOV3jZLkXjXKvOnEU2BomgycKX47A"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58b699af14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118756&sent=71&recv=53&lost=0&retrans=0&sent_bytes=67591&recv_bytes=15717&delivery_rate=21308&cwnd=26400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1890&x=1", cfHdrFlush;dur=96
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Sun, 03 Mar 2024 04:37:39 GMT
vary
Accept-Encoding
server
cloudflare
animations.min.css
go299.el3bha.net/wp-content/themes/betheme/assets/animations/
58 KB
8 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/assets/animations/animations.min.css?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3zherUENsoHASuKhDPypkWPsHSyvNdt%2BFOzOca%2FLnMgUJCI0rNS2wyA4TFyXy%2FM7kHyZM6K34ht%2FQzLIh3NirT7jSSCEDIo1A%2Fy8iM%2B9E2BRpTclMR3L5IhRr%2Bh3kiYdKpGAbsolLQfLngD5img"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58b699cf14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118756&sent=71&recv=53&lost=0&retrans=0&sent_bytes=67591&recv_bytes=15717&delivery_rate=21308&cwnd=26400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1886&x=1", cfHdrFlush;dur=100
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Sun, 03 Mar 2024 04:37:39 GMT
vary
Accept-Encoding
server
cloudflare
fontawesome.css
go299.el3bha.net/wp-content/themes/betheme/fonts/fontawesome/
59 KB
15 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRy0B24iT5eQVftWNFoSoDcISfMyFl2UogkQf%2BwGsBErb2IXfHGrSM3yngEWcy%2F4c%2F7mbOfNXEq4CJQQwNwrY4SqQL%2FRUwWxsyBfX0VGj6dFhFDnXG1Vqa25pfzV8qVL8TVgGHP9AdN9lUYUo28X"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58b699df14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118756&sent=64&recv=53&lost=0&retrans=0&sent_bytes=59995&recv_bytes=15717&delivery_rate=21308&cwnd=26400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1879&x=1", cfHdrFlush;dur=0
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
responsive.css
go299.el3bha.net/wp-content/themes/betheme/css/
67 KB
16 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/css/responsive.css?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed09efc83f03083f0dda91f59d0e735fab9d9ddb15e46cb3b24fc51a5628e13b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQJJgGyutaA%2FkLDlwA0tNLQ7R08eKvQqa3h03fm7issPtTMV6tPkZPUMkGknhYd177SCXkdDia0fp7XYEEd9z5miBorFDKOeFpFoN55fBT25xw3pDOrh%2FGDNj3QNCwlT%2FuXnihMQ5Zedy5CrHxFf"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58b699ff14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118756&sent=49&recv=53&lost=0&retrans=0&sent_bytes=42957&recv_bytes=15717&delivery_rate=21308&cwnd=26400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1874&x=1", cfHdrFlush;dur=0
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Sun, 03 Mar 2024 04:37:39 GMT
vary
Accept-Encoding
server
cloudflare
mfn-local-fonts.css
go299.el3bha.net/wp-content/uploads/betheme/fonts/
22 KB
2 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ba2dd3630bf796d66a885c869a1a3f75e22153105d65743e4caa2295df0e7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huVe50ngk6y4eWb9k6G5bVF0dq2J9My7OgP%2Fim7gzj76MN7Altp08kovntCwWiTh2zzr%2Fdjg7ddMQhVpSOvwklkc%2BXhF629YuyJ0chCXrNe7mBwQeRD%2BrPBkTrrP12UDqdkrx5o5DyzHl%2FZ4F3bb"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58b69a0f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118756&sent=47&recv=53&lost=0&retrans=0&sent_bytes=41191&recv_bytes=15717&delivery_rate=21308&cwnd=26400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1786&x=1", cfHdrFlush;dur=0
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Mon, 30 Oct 2023 15:03:39 GMT
vary
Accept-Encoding
server
cloudflare
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLQ7GHBC77UFQEIN53DG&lib=ttq
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
21dd15fa546db98f4903340e37ff6ef7919033475eb3bb3173a7349b3abe7f21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires
Tue, 26 Nov 2024 12:20:44 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=133, origin; dur=7, inner; dur=3
x-cache
TCP_MISS from a23-206-213-208.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
385f35e8.495c783b
x-tt-trace-host
01071338e576d3120912a2d25762897a4e47a9e8447199f9f14a9bcc417b821d44bad8831b8c69eddc6d211bc2eee4ce6c7f685b63afc3fced97d1baf44127eceb47ad5047dbf4891c71f0650a515a0c1b06db60a5d6d11a9348833a3d441f45cd88623507f64be30100ee6866f60d8d92
x-origin-response-time
7,23.218.223.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24112612204444634AF1068D344100A0-17375A636EE8E6D8-00
content-length
1982
x-parent-response-time
134,23.206.213.208
x-tt-logid
2024112612204444634AF1068D344100A0
server
nginx
obtp.js
amplify.outbrain.com/cp/
31 KB
10 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e37dcb6f734d00d75a25fbf066e04283dbc5167fef68c8bff5e0977b83a3f3ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"6d3071e7937674c226546116c276cfec:1731942406.457597"
Connection
keep-alive
Expires
Tue, 26 Nov 2024 12:40:44 GMT
Accept-Ranges
bytes
X-CC
DE
Content-Length
9328
X-RG
EU
Date
Tue, 26 Nov 2024 12:20:44 GMT
Content-Type
application/x-javascript
Last-Modified
Mon, 18 Nov 2024 08:29:07 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/
492 KB
152 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
br
etag
1421939719645060458
age
56455
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 20:39:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 20:39:49 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
13c54cf9-5915-4906-bae5-6d8fd83c8095
https://go299.el3bha.net/ Frame
0
0

jquery.min.js
go299.el3bha.net/wp-includes/js/jquery/
86 KB
35 KB
Script
General
Full URL
https://go299.el3bha.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1TqOjqzJjZxFGimwvpGYWzttKOSCqYBlTepNXlK7M7id4Ou%2BgT6svYs63w89LcOL5z5ePAmIsPFwltkYfmOws2CtXbSpHTSqXXiK8yAfmJzCrt8cSvRzIna5GqfdSyLUFv9DHegWGIRyYfOLf7%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b48f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=116181&sent=108&recv=65&lost=0&retrans=0&sent_bytes=105991&recv_bytes=16234&delivery_rate=91508&cwnd=38400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2002&x=1", cfHdrFlush;dur=21
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sat, 25 Nov 2023 04:54:50 GMT
vary
Accept-Encoding
server
cloudflare
jquery-migrate.min.js
go299.el3bha.net/wp-includes/js/jquery/
13 KB
6 KB
Script
General
Full URL
https://go299.el3bha.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6av1XPn91FvLGnRLs2aT3YcR5oHRugxeUjTuCkd1dQLkc8EPv%2Fj%2FNPyVYWoCAVjOf%2FAOj6FesBWELv86XOOzZ39N8pwmH4vEsYZFckmjwPpClApNLjJbhT%2B%2F%2B8e2JMhl19%2F0cJk2oFkJOzmsRHhK"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b4df14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1959&x=1", cfHdrFlush;dur=27
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Tue, 03 Oct 2023 12:13:43 GMT
vary
Accept-Encoding
server
cloudflare
rtl.css
go299.el3bha.net/wp-content/themes/betheme/
39 KB
11 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/rtl.css
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82c5b2c91d57b9a336052e3c2fd98dde1db753b8e346dbe6d63bfed718623df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmF2KAWLxSPCL6duVeQyhlWkjXibnZd1O3JieHXJSC85KzbwC0KMJp0QxvY027iODGcp%2BDKmW0FD7Ls1cDN6H8Nl%2B21E0tEE9OgcUaP6AMukthIb4vtoRiBEXF93n5apr3ANSc3KhFrx7bluOmCm"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b4ef14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=116181&sent=108&recv=65&lost=0&retrans=0&sent_bytes=105991&recv_bytes=16234&delivery_rate=91508&cwnd=38400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2020&x=1", cfHdrFlush;dur=81
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Sun, 03 Mar 2024 04:37:39 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PR8HK8LQ3K
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51849e455712e83395a4fe1312ccd398987d5c022966a911d361d835fd6875be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 12:20:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109715
x-xss-protection
0
server
Google Tag Manager
front-style.css
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/
15 KB
5 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/front-style.css
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d852bce9546577be319e014d18cfd262cbdf88ea4857871ec1c190283da89a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYsgDTEY0zHbrvaooIvcnE23De1HAX4bcXuUCNn%2B8ki8jjMaYKOUF9V09UNZlNA%2ByhSqdAam6TzmAjWRZQQxPX54DEhgoGngh0hN1MNACz7%2BaSsbXzcDiz6U3IOhFKQeIOwqr1I%2FqwRvslC339zK"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b51f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1919&x=1", cfHdrFlush;dur=67
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
buzzfeed.css
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/
4 KB
2 KB
Stylesheet
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f6bbdd9c055416b75d740007aa90137d7a6e3f116030040dc7b5ae9c7f21fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTaLobIJkincWp0qvXLNgZT3PEekql3Uc%2BMnu2IaflIm7kZhMW9f4CwKs47jLM%2FIbAQ03zHVzaQubrPPnr2%2FXBndDHaDHbAByWN015TJEYoPNx6j5vv3LZ9KQw3DI5eLDpTKr3SHlkvhDmHmNDUF"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b52f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1947&x=1", cfHdrFlush;dur=39
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/css
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
core.min.js
go299.el3bha.net/wp-includes/js/jquery/ui/
21 KB
9 KB
Script
General
Full URL
https://go299.el3bha.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPe4RP9EmCgvtJ3WTkVTfojIJHvE7aZG6SmTUQZAjap0oOGUC4EDeetXlaC%2BJBnGLfTv54y%2BSk%2FpCPs%2FZbpnZX80X5qcC95%2Fo6%2BgNjHyydvxE93Op3FUO4HSkfUcFMyO6kKlQAFW9L7UfSfoC52U"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b53f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1954&x=1", cfHdrFlush;dur=32
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Fri, 31 Mar 2023 19:33:55 GMT
vary
Accept-Encoding
server
cloudflare
tabs.min.js
go299.el3bha.net/wp-includes/js/jquery/ui/
12 KB
5 KB
Script
General
Full URL
https://go299.el3bha.net/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsoqUiJvBxW0QzSWau39C00Vi5yzMGpZ1nyFbu0Kl2%2Bz7S00K%2F9Qn5ghJVxlyY7ViCZYC5ewWvM6rP%2Bq0VKeOVrAMgylS4T3smdGWVowoUwGCRjgISYStR21RpYT2dQWfwerB8EvW35%2BS7VMSHYh"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b54f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1950&x=1", cfHdrFlush;dur=36
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Tue, 08 Nov 2022 14:24:27 GMT
vary
Accept-Encoding
server
cloudflare
debouncedresize.min.js
go299.el3bha.net/wp-content/themes/betheme/js/plugins/
472 B
1 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akqwY9rS%2BJkp1h22r6VpDIRMPyz9y7RRRV5TNW6PHO79PQgpnAkG5OgP4WUN67Q6JKNnwPNS7m1maKM4dxxW4Dxm24s2K1nygdHIJi16HkHSTiZQOXuxfRbgrac050jJb4%2FilciZFSrZfUGcRLCa"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b55f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1923&x=1", cfHdrFlush;dur=63
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
magnificpopup.min.js
go299.el3bha.net/wp-content/themes/betheme/js/plugins/
20 KB
9 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uhBcIXmYjtNYbdRvVBRNUstv5YQXEUvcMsUlYkZDA5nneh1tW7VpP%2F4Gh20%2BiOxasOJMRW1yyrqJ7NrMnxRIfjiMybvVN3cXFS0iKleJdj0PusyhblbnSmAv7ZPWTXUy6yrN%2BvO1MOncFSX3iyDB"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b56f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1952&x=1", cfHdrFlush;dur=34
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
menu.js
go299.el3bha.net/wp-content/themes/betheme/js/
3 KB
2 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/menu.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugHfyml8OFPov6KwB%2BB2M2s5szwtwfOXN7ZdicwXqHhK%2FxlAcHZoTuhEU%2FX93On1OZ%2BufIyhEjHy7GjZvKOJRWPZ8IqkLkqLdgin2RyLmXJJmMoCLBcqXz2M%2FQTuflwYdGv7T610v25wqTlP4%2BGV"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b57f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1950&x=1", cfHdrFlush;dur=36
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
visible.min.js
go299.el3bha.net/wp-content/themes/betheme/js/plugins/
608 B
1 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/plugins/visible.min.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byixn2LSnl92vQKMoo%2BmxfaUfT%2FFdJoS0e8eu0SUQ60w3FotqIefFnoHDI8e4%2FtphTnqcUtmXSkL8jWxMwrplY0LuOrX4eeV68Z3SbYeJEDaB9vS9wsNMPbw0FOiZbchzSpHhU4a97YVSi1Ec2eB"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b58f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1909&x=1", cfHdrFlush;dur=77
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
animations.min.js
go299.el3bha.net/wp-content/themes/betheme/assets/animations/
2 KB
1 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/assets/animations/animations.min.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeae8ba7d9c8ee997a8ddb5f5ec82381ed7851b750e4d1f466a1f19fad7a8462

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=paY34VqI1vNeRERi8mOR8vXjuPPi%2Bv2JbpiatzR5X9900rt%2F4uuiKQkmetX5I8shUpGocvbpouBbjCXNf9G4eFhUgPaJ%2BAkE8Ach6ZiE0ya2Zz%2BuiaUXzMGJKk2Qebmq5Vd2Erv7X6hxljSt2lFU"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b5af14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1907&x=1", cfHdrFlush;dur=79
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:39 GMT
vary
Accept-Encoding
server
cloudflare
stickysidebar.min.js
go299.el3bha.net/wp-content/themes/betheme/js/plugins/
12 KB
5 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/plugins/stickysidebar.min.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5667b095b36ff6e6ac5365fd5d517bd3d0b6cdbf32d36daf479c5334ba655760

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwCSVU6vtB3q4FgGkA%2Fjl3vyJrD9a%2FJhwtYLWJCoTR%2FZCxli9E9ihwUhaAMujJBk%2F2vdiR%2FZQN058zKoTXCg2gbN2wm0MfPfDqDwa%2BflWt%2Bw1yPOf7XyDNFCiJKX5MW2eSRcLLFXcqO9jJguRBxZ"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b5bf14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1948&x=1", cfHdrFlush;dur=38
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
enllax.min.js
go299.el3bha.net/wp-content/themes/betheme/js/plugins/
2 KB
1 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XR1Lwfb1TYteBK%2FU0R0Nys5hOf5lKvxJojz0GGUZCEp71ClqOONNr4DSNIOkJZMLBkh66p29uOSJRwWcnNPxoynnhLfZhVRC0L4%2FHHtYdTeRgXb1M968ilH0uhFeIOTJQD6SEgzpB0RoUJlbKnIa"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b5df14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1914&x=1", cfHdrFlush;dur=72
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
translate3d.js
go299.el3bha.net/wp-content/themes/betheme/js/parallax/
4 KB
2 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/parallax/translate3d.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19906e9585e0f90c005878ee2c63fcd8d1ed933a0ef6bea16bb1a2226b075b40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJBo6nubrweqwhrHrTjDB20jRx%2B9fLPNk280YoldooY%2BCYP86ak000X%2FVqsdHIbi1tZVaELlGqV30QITEe6kvjY2DaNs2t2GW8oSHIbFV9W2304PUs3Kvq43W0qfE%2Fs8Li%2FW7TgHHnrMnLnlkYaf"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b60f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1921&x=1", cfHdrFlush;dur=65
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
underscore.min.js
go299.el3bha.net/wp-includes/js/
18 KB
9 KB
Script
General
Full URL
https://go299.el3bha.net/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNv0cQ%2FmKKkXObTtfRhNjQZ5uYCUecmyyTOVK7eR9XLNHeGnLIpPBRNKU%2Br9KnvnE4HiRhA%2Bopt3X%2F8lv4BCy982HZ%2Fmaz7hH05RWIrnQHCrjiRiW2V%2Bhr67XQ3MOtp7OkYTDIfBA0YRXGHCjlFh"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b61f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=120209&sent=112&recv=66&lost=0&retrans=0&sent_bytes=110791&recv_bytes=16278&delivery_rate=104431&cwnd=40800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2055&x=1", cfHdrFlush;dur=46
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
text/javascript
last-modified
Tue, 08 Nov 2022 14:24:27 GMT
vary
Accept-Encoding
server
cloudflare
live-search.js
go299.el3bha.net/wp-content/themes/betheme/js/
16 KB
5 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/live-search.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
719b9b9c28377d72aab747feebdd89fb6cc1b926d3f91cc70f522474c28761c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzxOTcO77Vtwj8YdmrOBmll4pEkvfqNDz7ondWBJ7MiDMndKtbXKJFzZo9yyQQh8qtH0%2FJRa6vnoxm9%2BTmX%2FhAsdib%2F0CzSgEoqtqZS18eCijvvId7dvd%2BYmycUErPIvgxauepkYmgbUopY5K4OI"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b63f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1934&x=1", cfHdrFlush;dur=52
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
scripts.js
go299.el3bha.net/wp-content/themes/betheme/js/
146 KB
38 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/js/scripts.js?ver=27.3.7
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e7c195a16b405d8edcc080ad188475ba10ae12b2ea4139c569727da864923d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2oPWodoqVmirOToPqNsWiJLojl334b6bwag7tkN0qIBbdGS5SBS5TcdavbNR2k2X6Bqy2Q%2BpfP8sT7k3GhhyXvchXnTup9Z2RCy5udYa5cmtkt3phswzRM2AGUsnW9qC9y7AtRJWwe4ePn%2Byzxa"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b65f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=120209&sent=112&recv=66&lost=0&retrans=0&sent_bytes=110791&recv_bytes=16278&delivery_rate=104431&cwnd=40800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2030&x=1", cfHdrFlush;dur=71
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
comment-reply.min.js
go299.el3bha.net/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://go299.el3bha.net/wp-includes/js/comment-reply.min.js?ver=6.5.3
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3lkzH4ZdlBGs0XpebCQzLrOnQKKIQGRQisY8LPUqg6UHxMdBtzYtyvZu1Y4EqAODHMTA%2BtcZNFe%2BZkQoQ5Lz5aSMqVbX1NVc1AifE7Pqzu2yFIU4h2KIsSGr5PDVrvg9H4YskSCXTslMMjyvDv2o"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5913cc5f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=115002&sent=365&recv=116&lost=0&retrans=0&sent_bytes=388104&recv_bytes=19776&delivery_rate=1205107&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2725&x=1", cfHdrFlush;dur=0
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
text/javascript
last-modified
Wed, 06 Jul 2022 00:13:38 GMT
vary
Accept-Encoding
server
cloudflare
smush-lazy-load.min.js
go299.el3bha.net/wp-content/plugins/wp-smush-pro/app/assets/js/
8 KB
5 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.6
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfdhh%2Fw1kkSbzO2CGpYBSGZYaDZg%2Bog1Kj9ni94IUST7uqbcK%2BuOZsiON7pPRKgadIGEFAO7f%2BCXwcKsWIYgoMmlXGJlzKzYcd0e1VTINP6HmJp34NgaNVrdWJNwfzNSBDOvf0j1ys1mgm%2BocMkL"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b66f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1960&x=1", cfHdrFlush;dur=26
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 12 Mar 2023 15:00:31 GMT
vary
Accept-Encoding
server
cloudflare
main.js
go299.el3bha.net/wp-content/plugins/wp-viral-quiz-analytics/js/
3 KB
2 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz-analytics/js/main.js?ver=1.0.0
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb8072bdbc2801316a4b70b624257bb9e0e102a7048ea143b091916b4e2334e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vY8Q9oZyMmT3EdjkkYo7H69KlUQ%2B0Zd3aAmEUFSo%2FhVt1lsB%2BMnjFXZDXz2gtxVdX7BWCGhsPZscWvKLm%2FHqb2yCT4cEy8c7eJmadY0HElWInJJYXNkK6oHN7AlrCQwnNIqBarUzmGLJCWT8MSSa"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b68f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1915&x=1", cfHdrFlush;dur=71
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Sun, 01 May 2016 18:00:12 GMT
vary
Accept-Encoding
server
cloudflare
wpvq-front.js
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/js/
40 KB
14 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/js/wpvq-front.js?ver=1.0%27%20DONOTMINIFYJS%20data-cfasync=%27false
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6709a95c1cb2c457ee25381bf020aeb3c015e0fbf071a4f48add12618124dc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BznK63rs0RB%2F3IZneB5gyXRTZWdzK5AYw5NwY5Fc6e4kbAS4HM8hYi2fHfCqIrjI7mM5IJq%2FLfpRjwUrgHV8dSEuQ6OO%2FhEPn6kpzr4%2FDrColys2AWPvN93vLPw5VORBnemdwkMyLEtp0YxVaFdu"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b6af14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=116181&sent=108&recv=65&lost=0&retrans=0&sent_bytes=105991&recv_bytes=16234&delivery_rate=91508&cwnd=38400&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2011&x=1", cfHdrFlush;dur=90
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
wpvq-facebook-api.js
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/js/
3 KB
2 KB
Script
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/js/wpvq-facebook-api.js?ver=1.0%27%20DONOTMINIFYJS%20data-cfasync=%27false
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
778168a9e434374dfc88d55d4aa6c7c25e03e23756af0ec9db1a438800ab389c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p64345CxbFD0j5f0jHRIM8cS%2FV%2F2eWmNTRD%2BZnis518ZUHnTxCk1sHGkl6k6hSA%2FekoUqalmqS%2B5VtCv4Thusc2t9nvFrmb63iOkr4OaKeP4YY4itaFMM634Bjaq2ILtn0Zw0eLhnEOrKwi1xfxR"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d58c3b6bf14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118626&sent=74&recv=54&lost=0&retrans=0&sent_bytes=70557&recv_bytes=15760&delivery_rate=6121&cwnd=27600&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=1947&x=1", cfHdrFlush;dur=39
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1091S15PKM&gtm=45je4bk0v9170184955za200&_p=1732623643362&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101899377~101925629~102067555~102067808~102077855~102081485&cid=1041121296.1732623644&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732623643&sct=1&seg=0&dl=https%3A%2F%2Fgo299.el3bha.net%2F19844%2F&dt=%D9%85%D8%A7%D9%87%D9%8A%20%D9%81%D8%B1%D8%B5%20%D8%AD%D8%B5%D9%88%D9%84%D9%83%20%D8%B9%D9%84%D9%89%20%D8%B3%D9%8A%D8%A7%D8%B1%D8%A9%20BMW%20XM%202023%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%D8%9F%D8%9F%20%D9%87%D9%84%20%D8%A3%D9%86%D8%AA%20%D9%85%D8%A4%D9%87%D9%84%20%D9%84%D8%B0%D9%84%D9%83!!%20-%20%D8%A7%D9%84%D8%B9%D8%A8%D9%87%D8%A7&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1729
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1091S15PKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://go299.el3bha.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:43 GMT
content-type
text/plain
server
Golfe2
imageedit_5_7127475093-scaled.webp
el3bha.com/wp-content/uploads/2023/11/
0
0

js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PR8HK8LQ3K&l=dataLayer&cx=c&gtm=45je4bk0v9170184955za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1091S15PKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae3ea696bdb1354e341a7eba83c205e7287fd6cb50e8715e710b21a7ecfa722d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 12:20:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109716
x-xss-protection
0
server
Google Tag Manager
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
Almarai-Regular.ttf
el3bha.com/wp-content/uploads/2023/10/
0
0

Roboto-400-latin.woff2
go299.el3bha.net/wp-content/uploads/betheme/fonts/Roboto/
15 KB
16 KB
Font
General
Full URL
https://go299.el3bha.net/wp-content/uploads/betheme/fonts/Roboto/Roboto-400-latin.woff2
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go299.el3bha.net
Referer
https://go299.el3bha.net/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZ1lMtSidPN2kC6jiIuV40I2Wkv5Vq5N3D7OtRvgNSpb5BfCJ1XB2YsDtXEH86mSUx6N%2FtyoiLN25j%2FlBYkZH9rV9eFE63wIWAcvIPh1HDoi1myC%2BIpvNHW9tBZsYzX%2BYpQeOWj2OV67IFmYxlX%2B"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5917d45f14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=115002&sent=381&recv=116&lost=0&retrans=0&sent_bytes=406496&recv_bytes=19776&delivery_rate=1205107&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2842&x=1", cfHdrFlush;dur=0
content-length
15744
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
font/woff2
last-modified
Mon, 30 Oct 2023 15:03:37 GMT
vary
Accept-Encoding
server
cloudflare
Cairo-400-latin.woff2
go299.el3bha.net/wp-content/uploads/betheme/fonts/Cairo/
15 KB
15 KB
Font
General
Full URL
https://go299.el3bha.net/wp-content/uploads/betheme/fonts/Cairo/Cairo-400-latin.woff2
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go299.el3bha.net
Referer
https://go299.el3bha.net/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4vmJZg%2F6fat1B95IKU02aqPUDnnRWIzyE0PBFKQb8jl4SPvOps8EPvUW1O0etYiXcQeLpY3L2t1To7%2F39zCT0OMT2mMrIwkl03OrhxVtFMDNICo%2BryjIZfK%2F6G2qaSACsVzTfi3xFShmf8kWoUy"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5917d48f14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=115002&sent=367&recv=116&lost=0&retrans=0&sent_bytes=390328&recv_bytes=19776&delivery_rate=1205107&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=2838&x=1", cfHdrFlush;dur=0
content-length
15040
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
font/woff2
last-modified
Mon, 30 Oct 2023 15:03:35 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/front-style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"04425bbdc6243fc6e54bf8984fe50330"
age
1724545
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:20:44 GMT
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/03/2024 23:18:59
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
36319f079b05c26e1524bbf7ec051dc9
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8e89d5930e2ad20e-FRA
access-control-allow-origin
*
cdn-edgestorageid
1068
server
cloudflare
cdn-requestcountrycode
US
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PR8HK8LQ3K&gtm=45je4bk0v9195997277za200zb9170184955&_p=1732623643362&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1041121296.1732623644&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732623644&sct=1&seg=0&dl=https%3A%2F%2Fgo299.el3bha.net%2F19844%2F&dt=%D9%85%D8%A7%D9%87%D9%8A%20%D9%81%D8%B1%D8%B5%20%D8%AD%D8%B5%D9%88%D9%84%D9%83%20%D8%B9%D9%84%D9%89%20%D8%B3%D9%8A%D8%A7%D8%B1%D8%A9%20BMW%20XM%202023%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%D8%9F%D8%9F%20%D9%87%D9%84%20%D8%A3%D9%86%D8%AA%20%D9%85%D8%A4%D9%87%D9%84%20%D9%84%D8%B0%D9%84%D9%83!!%20-%20%D8%A7%D9%84%D8%B9%D8%A8%D9%87%D8%A7&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2831
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PR8HK8LQ3K&l=dataLayer&cx=c&gtm=45je4bk0v9170184955za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://go299.el3bha.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
text/plain
server
Golfe2
23005507456
fundingchoicesmessages.google.com/i/
196 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/23005507456?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be859ce7673a543581e530596e363cb3914b2532899159183615580302aaf41a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-s_ZcaarWH12slF-gQIYrOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTDMefXtF1sAg13ryxhVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAABHbkIG"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-s_ZcaarWH12slF-gQIYrOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
00ab9b849381d71f8327b3e6061f82618b
wave.outbrain.com/mtWavesBundler/handler/
2 B
516 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00ab9b849381d71f8327b3e6061f82618b
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1732597947021
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Tue, 26 Nov 2024 12:21:44 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
22
X-RG
EU
Date
Tue, 26 Nov 2024 12:20:44 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
5b5a6360d19c6ea55473daea37562e79
topics
amplify.outbrain.com/
26 B
301 B
Fetch
General
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Tue, 26 Nov 2024 12:40:44 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
26
X-RG
EU
Date
Tue, 26 Nov 2024 12:20:44 GMT
Content-Type
text/html
unifiedPixel
tr.outbrain.com/
53 B
321 B
Fetch
General
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=010519650050643858&referrer=&cht=gtm&marketerId=00ab9b849381d71f8327b3e6061f82618b&name=PAGE_VIEW&dl=https%3A%2F%2Fgo299.el3bha.net%2F19844%2F&g=0&zone=all&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
image/gif;
x-traceid
b51f2db1d9be30ec9ce10bebcd8533ab
cachedClickId
tr.outbrain.com/
35 B
293 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00ab9b849381d71f8327b3e6061f82618b
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
application/javascript
x-traceid
1cca100a1d3a819b3719e5b33c4148cd
css
fonts.googleapis.com/
3 KB
699 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
593cb6a99ee681518baa0300381b64e7831df168d763b0d756643372674b5cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 12:20:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 26 Nov 2024 10:26:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.MWQ3ODVjY2ZhMA.js
analytics.tiktok.com/i18n/pixel/static/
344 KB
96 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLQ7GHBC77UFQEIN53DG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4f9fab1dba389fa19212a3c7cf89445cee3f9b26ffc4ff940f4f83668d11e44f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

x-cache
TCP_MEM_HIT from a23-206-213-208.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id
00-2411191226451D0098E3A04FF318163B-5F19FE086AC6E5B6-00
content-length
97534
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411191226451D0098E3A04FF318163B
server
nginx
x-akamai-request-id
495c7bae
x-tt-trace-host
0109a05a27afdb73ff5dc211b37353bd4ec7352d753d5cb1ef940162fc9d4ef207bfcda8c85d997880209d88c63012b9ec895a4c0e95073d7f252fd38ba97ed563bf1cadfff98793c8428c9ea2d425da05bd80335f5bbfda550ebc3eec84f46d84
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6a6ff73819821675867880bdaad33f3242df12f28b568113281d780571215c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-md5
ZeErNRxS3LdrjM3hfFs4zA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"9058617c4c537d6082e26a7ba75d810c"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 12:25:27 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
cba775deffb8f6403c46c7b1a93ff2e9
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4470, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
uS5Z1A0yN/H43j1YhSaDFW/B4ioO+cs/x7hAkCvymoqU1uhAHHjQ28w4jENkPTmUapkHxexcpP5mSvTFnU1TCA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
buzzfeed-checkbox-ok.jpg
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/
722 B
1 KB
Image
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed-checkbox-ok.jpg
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620b085556c43e1f6f05f57fc797c57c07447c20f9a04b2bb0c027113424f86c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFJjOKZnRiQQr6F6khYK9Go4pNbz%2BCimIPU3fn8UOxFm8k4na8xPskb%2BOuAMYyqYMygXDPVr8TbFxAUQID06PcIcHbNb4znAfqBuE3z%2F%2F5bcqYcLZleB3VttevOdUQ6Oq5DdZxOzddtPhHMiO3J1"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d594abeff14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114440&sent=412&recv=131&lost=0&retrans=0&sent_bytes=432322&recv_bytes=25651&delivery_rate=4785&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3259&x=1", cfHdrFlush;dur=0
content-length
722
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
image/jpeg
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
big-loader.gif
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/views/img/
16 KB
17 KB
Image
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/views/img/big-loader.gif
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/front-style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1602cf0b6289b43c9b5ee278ca5dfc638d4df14dff297f0ea9bc729e34177aa9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/front-style.css

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuN1Q4KN09sYaUBOQnNU2QV877n1pDwuls8btZo5r9PfNxb%2BwRXhV3EUKRofMqh0cjdaysiHyMQndgbsFRwb%2BnqeacnXqzkB4pKkt%2B%2BzIPBqQ9t0ZiZRAHscgPtPYajMSJAEOPb8zGYbZXFnW1zS"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d594abf2f14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114440&sent=416&recv=131&lost=0&retrans=0&sent_bytes=435232&recv_bytes=25651&delivery_rate=4785&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3352&x=1", cfHdrFlush;dur=0
content-length
16508
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
image/gif
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
loader.gif
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/views/img/
3 KB
3 KB
Image
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/views/img/loader.gif
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/front-style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85051680f0ff9a856ae1a0c6ae38c4df0bc4af5df795185bee71ed57d161c13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/front-style.css

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yjWJkSwgp%2BcwKVjP0ZYTnIMKM47LdquQBX%2BLPkiZYlbQ9IpOPUxm2XmDLiBLXt5Q3LuMuJHcD2ptlJPi2JemcMjswraiRTqzfdw7cU7Gxk3FWTSARAmUUDnvS23xN3pVTKac5PVTZ%2BjOQ4J66E4"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d594abf3f14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114440&sent=409&recv=131&lost=0&retrans=0&sent_bytes=428845&recv_bytes=25651&delivery_rate=4785&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3252&x=1", cfHdrFlush;dur=0
content-length
2637
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
image/gif
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
icons.woff2
go299.el3bha.net/wp-content/themes/betheme/fonts/mfn/
70 KB
71 KB
Font
General
Full URL
https://go299.el3bha.net/wp-content/themes/betheme/fonts/mfn/icons.woff2?11083851
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/themes/betheme/css/be.css?ver=27.3.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0fa90ca6e7303bfcf6bfa7d412e8fc370c8c9b5188a6700a902be3ecc9e9456

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go299.el3bha.net
Referer
https://go299.el3bha.net/wp-content/themes/betheme/css/be.css?ver=27.3.7

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k32D5zp81jDptzswNaHqt%2FISCZs%2F0pbIoYu1HaA%2FCCobcwRYnpfQCbY7rVH8gUb73rJdVo28ipN9tcjUSslJQ0lS6qTG%2FKJQHZRFqP3%2B2%2Fs%2FX2%2FVRz%2B1bYDp93AzC5KGJV%2FDqfGogSyrdsU%2Fc18B"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d594bc28f14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114440&sent=445&recv=131&lost=0&retrans=0&sent_bytes=469340&recv_bytes=25651&delivery_rate=4785&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3360&x=1", cfHdrFlush;dur=0
content-length
72136
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
font/woff2
last-modified
Sun, 03 Mar 2024 04:37:40 GMT
vary
Accept-Encoding
server
cloudflare
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go299.el3bha.net
Referer
https://fonts.googleapis.com/

Response headers

age
445794
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 08:30:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 08:30:50 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
Cairo-700-latin.woff2
go299.el3bha.net/wp-content/uploads/betheme/fonts/Cairo/
15 KB
16 KB
Font
General
Full URL
https://go299.el3bha.net/wp-content/uploads/betheme/fonts/Cairo/Cairo-700-latin.woff2
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fdd535e5cf84aa96b0329bea21f6f060400a4fc699aba9fc3c651a63caa3d03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go299.el3bha.net
Referer
https://go299.el3bha.net/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yq3MrT2OmYoL1PlPdIWB%2FYel7JUhnCvfvODoA3rTFwCNSFo2jf6xY6OHZp9fISLIEDeFFfYbGpYgVfvVDTpoef0eWHJN92Lne9ZV%2FjtDcswt1CScv%2B%2BlBuSAX1xsbVpw39CBsYr5uDxdLzb4QeP4"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d594bc2bf14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114440&sent=431&recv=131&lost=0&retrans=0&sent_bytes=452885&recv_bytes=25651&delivery_rate=4785&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3357&x=1", cfHdrFlush;dur=0
content-length
15328
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
font/woff2
last-modified
Mon, 30 Oct 2023 15:03:36 GMT
vary
Accept-Encoding
server
cloudflare
sdk.js
connect.facebook.net/en_US/
248 KB
73 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1aac8725cd2106503d3213275b4e0b09
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
32265156798c43795caaf90cb83b52116c7f52c0b1ba264de805583304350e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go299.el3bha.net
Referer
https://go299.el3bha.net/

Response headers

content-md5
alp3kfPTzAAVKo8bE+ntIA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"c3863f6d82390cde60997a53daf8b8aa"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 11:51:39 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:20:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
72df50d3fbcd7d6e3e7bc1765ad4ff85
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1826, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug
KYeGyigY5tDj9i5HP86S2dOMnd87R7DF+1hTGnga+XbDxMKLft3Rv+unQqB6MOJkHUJsJBb/7tf40kW5051pLw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
75124
origin-agent-cluster
?1
70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview.png
el3bha.com/wp-content/uploads/2023/11/
0
0

ezgif.com-gif-maker-2022-09-21T104835.170-1024x576.jpg
go299.el3bha.net/wp-content/uploads/2023/02/
71 KB
71 KB
Image
General
Full URL
https://go299.el3bha.net/wp-content/uploads/2023/02/ezgif.com-gif-maker-2022-09-21T104835.170-1024x576.jpg
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914115799172192d3f53b4f4f14a99d3bcef91644ef92cc2d4157bab51c88f43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9h3dkYLCO2vAE7xqD2%2BQW9ZoAWxYkoVHi%2B7jnlzYJ4icqpW4WKf4vM6cswBUpjUY5xRTz3f3L8Sy5I7Gyo6S%2FC1DPEmSHcbWekwmA319fTYyOu%2F1wcMAaSzrIi2r%2BCN2GU2rANyjV63NWeNqMq2W"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d594fc9bf14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114441&sent=478&recv=133&lost=0&retrans=0&sent_bytes=508230&recv_bytes=25740&delivery_rate=66723&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3421&x=1", cfHdrFlush;dur=0
content-length
72385
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
image/jpeg
last-modified
Tue, 14 Feb 2023 15:54:13 GMT
vary
Accept-Encoding
server
cloudflare
buzzfeed-checkbox-no.jpg
go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/
554 B
1 KB
Image
General
Full URL
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed-checkbox-no.jpg
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b757a1583dca37f84cee6142e46d36f85e0471501eed8bbff769dce71961258

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aSTSvahy6DJFI2bgJM2K663Y6MTY5NrCupzpdSa9znHbVnlWPMQ%2FQhX9ZLgOi0Ra1npZ15MZew7V%2BVexszpx1FviBQLd2F7Dmdv1fRRVVW8L8BWacbpkdT0V3u8j%2B21XAOQ6r0ku%2FbEY3Os%2BFwk%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5950caaf14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114440&sent=414&recv=131&lost=0&retrans=0&sent_bytes=433859&recv_bytes=25651&delivery_rate=4785&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3338&x=1", cfHdrFlush;dur=0
content-length
554
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
image/jpeg
last-modified
Fri, 27 Oct 2023 18:30:53 GMT
vary
Accept-Encoding
server
cloudflare
wp-emoji-release.min.js
go299.el3bha.net/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://go299.el3bha.net/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RBtiRhLT5LhCnIqo9aFzQ8n2sTgh13JOPKpfqcQLJv4SzZJbSbvY0ygOuy5%2FhUYHUrx3%2F13ArE0cuQYN1UWSfWqkNwwxNd%2BbwzTcfTl28z7X9vi9pbfMi45MYasjEatXQYNUY1TqiY8d0YOQR19"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5956d77f14f-ORD
x-microcachable
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114361&sent=472&recv=132&lost=0&retrans=0&sent_bytes=501450&recv_bytes=25695&delivery_rate=64376&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3393&x=1", cfHdrFlush;dur=0
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
text/javascript
last-modified
Mon, 20 May 2024 19:28:33 GMT
vary
Accept-Encoding
server
cloudflare
main.js
go299.el3bha.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame AED2
Redirect Chain
  • https://go299.el3bha.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://go299.el3bha.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
8 KB
4 KB
Script
General
Full URL
https://go299.el3bha.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f4b930e0c86b81cda5eb2ce29ac9bde2126e8c61aed112d6d5b818d4c3a1f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4UcdypExzvIGQKGpFxwSFtSOmLclyUfDcokgtresNcN9qyfU6J%2BVmJBKmsmoOYsm9c2oRGd9sGbv5IEsiW41pQQcL1QL0Rw8DMbJtSWIE9xehn%2Fi5wfLqrQUPV4JOb%2Fu%2F9j49puRQdc69tjkTFtr"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e89d5965f54f14f-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=114440&sent=405&recv=131&lost=0&retrans=0&sent_bytes=424277&recv_bytes=25651&delivery_rate=4785&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3234&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BepPK203VF1xpHd34m8ps%2FM1Iph2Y7S0XZdY%2FRhxJDFDOY1bP%2F5yh2RMygGussSjWqbcaqTV5eZ3T9E22Zwbv2anKUoPXbZQkDWLOUQwsLuV9ciR8MzE1eTmYi436pjdqgBBI66zmESR0qiYoYA2"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5957d87f14f-ORD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=114822&sent=403&recv=129&lost=0&retrans=0&sent_bytes=423569&recv_bytes=25140&delivery_rate=241&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3092&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:20:45 GMT
vary
Accept-Encoding
server
cloudflare
bmw-x7-update-11-scaled.webp
go299.el3bha.net/wp-content/uploads/2023/02/
76 KB
77 KB
Image
General
Full URL
https://go299.el3bha.net/wp-content/uploads/2023/02/bmw-x7-update-11-scaled.webp
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a81b6095cba358aa3727190a47aa357d1b840688e0d71e827df808d7c3f16fea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P0eoElz9bn0tSsJPrKfWjvvMvvCY7CCaNfeSnv286BpWT%2F8UiOT0z5iVf0aBiEljwXlDClmMCDjLpfxWSZKltiXm2E%2BSrqt1Ncu%2BfpRQUP9Arv92etgdyM0i9PD5ArpXyInpkiNCruRoFHP8JL8u"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5957d8cf14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=113627&sent=577&recv=142&lost=0&retrans=0&sent_bytes=625562&recv_bytes=26142&delivery_rate=514553&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3555&x=1", cfHdrFlush;dur=0
content-length
77622
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
image/webp
last-modified
Tue, 14 Feb 2023 15:54:30 GMT
vary
Accept-Encoding
server
cloudflare
AGSKWxXde1FlSR0Ca1IwK9JmQL7jk1th_4qPOvVob1WpriL-inh_ZuDQpZ0sPDn3BM4XeuCSmtNMQMxvjqstU-BOImA9t7Fb4T8RyRg8tTP0ePXYMeqwuGPLOu0PuL7Vzq8Js2-gP8RMnw==
fundingchoicesmessages.google.com/f/
433 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXde1FlSR0Ca1IwK9JmQL7jk1th_4qPOvVob1WpriL-inh_ZuDQpZ0sPDn3BM4XeuCSmtNMQMxvjqstU-BOImA9t7Fb4T8RyRg8tTP0ePXYMeqwuGPLOu0PuL7Vzq8Js2-gP8RMnw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNjIzNjQ1LDUzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2dvMjk5LmVsM2JoYS5uZXQvMTk4NDQvIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzkBJsxAS-0H2Lb7ZgEnnlVKdGwnA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b68d8257d6f9b3e1e071423b2f3b1351d6a0afb4963a711d2c2174b1b3ac1995
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3lPPUWcvUY5GzThAFJgTBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTNMffXtF1sAjcuzbRS0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0NLTUMzCMLzAAAAs3QbU"
content-security-policy
script-src 'report-sample' 'nonce-3lPPUWcvUY5GzThAFJgTBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=740673693856678&input_token&origin=1&redirect_uri=https%3A%2F%2Fgo299.el3bha.net%2F19844%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1aac8725cd2106503d3213275b4e0b09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

access-control-expose-headers
fb-s
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441561892705421405"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
text/plain; charset=UTF-8
x-fb-debug
FBJ50W4ZLd3niaUlyjP5Me+VJ8CgHBRjM7xV7BSnuyLRjNS3uqpmlnsQQwunQNUDVY1xBduZ+5u5yekG0U+Yxg==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441561892705421405", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control
private, no-cache, no-store, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4495, tp=10, tpl=0, uplat=48, ullat=0
pragma
no-cache
fb-s
unknown
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
https://go299.el3bha.net
content-length
0
origin-agent-cluster
?1
css
fonts.googleapis.com/
114 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwoTkmuAYzSfsxE5qTRUdN2LGVksA/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 12:20:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 26 Nov 2024 12:20:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
qNZ8NiNH_Ox6X7EV44ycBGeieBsHREKic8qb_crlW5vf8I3Eb5Tf2lLk0Ks9y-vI6bfJp1xzzu11z5PkOAB02HqCGjBOA756WlrJ9EdRh-y2iKj2i9nj-w=h60
lh3.googleusercontent.com/
3 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/qNZ8NiNH_Ox6X7EV44ycBGeieBsHREKic8qb_crlW5vf8I3Eb5Tf2lLk0Ks9y-vI6bfJp1xzzu11z5PkOAB02HqCGjBOA756WlrJ9EdRh-y2iKj2i9nj-w=h60
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
668b037638193f94f39ffb01d3beaa2ad97989a0eebd424dbb2a01be9a78b1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
4039
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 11:13:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 11:13:26 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
3163
x-xss-protection
0
server
fife
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/19844/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go299.el3bha.net
Referer
https://go299.el3bha.net/

Response headers

age
51682
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxWkMCAmWpXizHMlk0RkpNTuEu9Nra-TqTyNaZF6z9749Ukz_mGycJjGHafG8ErLZe1t_0UkhvjwyQcNONhyVxK-_IVvD_z2o2rQDSLK4KeYcgAJ5m-7ynz2MEZccC9s_Uj_ZOymUA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWkMCAmWpXizHMlk0RkpNTuEu9Nra-TqTyNaZF6z9749Ukz_mGycJjGHafG8ErLZe1t_0UkhvjwyQcNONhyVxK-_IVvD_z2o2rQDSLK4KeYcgAJ5m-7ynz2MEZccC9s_Uj_ZOymUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzkBJsxAS-0H2Lb7ZgEnnlVKdGwnA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Af8OYhIBM9EIphFvapO68A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://go299.el3bha.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoCxAxfr7ByALEQD8fcX9N2sQnc6F24h1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAABr_Jj0"
content-security-policy
script-src 'report-sample' 'nonce-Af8OYhIBM9EIphFvapO68A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://go299.el3bha.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWkMCAmWpXizHMlk0RkpNTuEu9Nra-TqTyNaZF6z9749Ukz_mGycJjGHafG8ErLZe1t_0UkhvjwyQcNONhyVxK-_IVvD_z2o2rQDSLK4KeYcgAJ5m-7ynz2MEZccC9s_Uj_ZOymUA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWkMCAmWpXizHMlk0RkpNTuEu9Nra-TqTyNaZF6z9749Ukz_mGycJjGHafG8ErLZe1t_0UkhvjwyQcNONhyVxK-_IVvD_z2o2rQDSLK4KeYcgAJ5m-7ynz2MEZccC9s_Uj_ZOymUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzkBJsxAS-0H2Lb7ZgEnnlVKdGwnA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D1BMlRDgncLUa3_o0SszYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://go299.el3bha.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoCxAxfr7ByALEQD8fcX9N2sQk0LN-wh1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAAA0CJg4"
content-security-policy
script-src 'report-sample' 'nonce-D1BMlRDgncLUa3_o0SszYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://go299.el3bha.net
content-length
0
x-xss-protection
0
server
ESF
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

x-cache
TCP_HIT from a23-206-213-208.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-2411150502435C04946703D4111013E1-2649AB6A07F09C6A-00
content-length
39458
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411150502435C04946703D4111013E1
server
nginx
x-akamai-request-id
495c817c
x-tt-trace-host
012250f769b68e8b62aadc66d48d555072e4078548392c303d871c5140b2e710d68784e87243e84c8668a99a6ea7a1e2e25a552a9760418ccb4f62b6169d8c21898032dfa18d787665fb1d41d45a878b85caa95dce50373be8a2a1f499407c3b9a
pixel
analytics.tiktok.com/api/v2/
0
879 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://go299.el3bha.net/

Response headers

x-cache-remote
TCP_MISS from a23-48-249-134.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 26 Nov 2024 12:20:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=105, origin; dur=100, inner; dur=96
x-cache
TCP_MISS from a23-206-213-208.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Tue, 26 Nov 2024 12:20:45 GMT
x-akamai-request-id
73e24cf.495c817d
access-control-allow-headers
Authorization,*
x-tt-trace-host
01071338e576d3120912a2d25762897a4e47a9e8447199f9f14a9bcc417b821d444b065dc19b10c56fc918491fc2d0af4d4391cb3516d5cc48a83358c026ab4ffa6aa8eb6f3b7c185d23f0e92a8526e4bef3d4926e3312e9b6ddccf68856fc93b5250cb15f9af0f1b28f7034ac76566a07
x-origin-response-time
101,23.48.249.134
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411261220452C3CF8055A6EDD2DDFBA-25FBACAE3702F495-00
content-length
0
x-parent-response-time
193,23.206.213.208
x-tt-logid
202411261220452C3CF8055A6EDD2DDFBA
server
nginx
8e89d5846b67f14f
go299.el3bha.net/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame AED2
0
1 KB
XHR
General
Full URL
https://go299.el3bha.net/cdn-cgi/challenge-platform/h/g/jsd/r/8e89d5846b67f14f
Requested by
Host: go299.el3bha.net
URL: https://go299.el3bha.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR%2FIDU1f%2F5tqXNz65eRdYkJwFBgOKFavgfiS4S4rgqln1Fmu5lBN7DO41sKzEygZojvZd28brDPaHvVF3P7zMEl%2BjneRGVs%2BiffmKDREWXFRCy6gGmj9cw6SDcqwKtdgDBrQWnjPR4WeOvdXjjzr"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d5993d22f14f-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=113506&sent=653&recv=172&lost=0&retrans=0&sent_bytes=705969&recv_bytes=44247&delivery_rate=1178130&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=3707&x=1", cfHdrFlush;dur=0
content-length
0
date
Tue, 26 Nov 2024 12:20:45 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
act
analytics.tiktok.com/api/v2/pixel/
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://go299.el3bha.net/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 26 Nov 2024 12:20:46 GMT
server-timing
inner; dur=48, cdn-cache; desc=MISS, edge; dur=14, origin; dur=383
x-cache
TCP_MISS from a23-206-213-208.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Tue, 26 Nov 2024 12:20:46 GMT
x-akamai-request-id
495c83a3
access-control-allow-headers
Authorization,*
x-tt-trace-host
01071338e576d3120912a2d25762897a4e47a9e8447199f9f14a9bcc417b821d4456c05a7e4c38182ec601da47463e6afe4395181245abc312fbcdd3e6c9b411f0ae1017dd6ae6080470fc0337ebca2d9f4169ed07f883c54e74e6a6212c755b5c
x-origin-response-time
383,23.206.213.208
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241126122045F5BF779E3DD5F7246BC2-6E9276FF4842CAEB-00
content-length
0
x-tt-logid
20241126122045F5BF779E3DD5F7246BC2
server
nginx
70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview.png
el3bha.com/wp-content/uploads/2023/11/
0
0

cropped-70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview-1-32x32.png
go299.el3bha.net/wp-content/uploads/2023/11/
505 B
1 KB
Other
General
Full URL
https://go299.el3bha.net/wp-content/uploads/2023/11/cropped-70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview-1-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4e6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7457b61f6d09fe4845d9e0c6571bd547ad6dcdba0e4d03a558380a6da3b09f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/19844/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kom%2FhlafoIUqxuSQVNXEQkixNnBNlrvF5CnZ4HZ8kdJHzLMH4Q9yxoXMOaM4bWnrF05%2BFVFo0nJgrWgJ%2B%2BZchnQm1cVegJ88HYYyMAuxqpjRLcs7kvgINnkl421DYk1vTLzTkEbkxrvKEmOJxyj"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89d59a5f61f14f-ORD
x-microcachable
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=113442&sent=655&recv=174&lost=0&retrans=0&sent_bytes=707147&recv_bytes=45306&delivery_rate=7450&cwnd=196800&unsent_bytes=0&cid=5a707dd8ed19fd2b&ts=4184&x=1", cfHdrFlush;dur=0
content-length
505
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:20:46 GMT
content-type
image/png
last-modified
Mon, 06 Nov 2023 18:01:32 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1091S15PKM&gtm=45je4bk0v9170184955za200&_p=1732623643362&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101899377~101925629~102067555~102067808~102077855~102081485&cid=1041121296.1732623644&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732623643&sct=1&seg=0&dl=https%3A%2F%2Fgo299.el3bha.net%2F19844%2F&dt=%D9%85%D8%A7%D9%87%D9%8A%20%D9%81%D8%B1%D8%B5%20%D8%AD%D8%B5%D9%88%D9%84%D9%83%20%D8%B9%D9%84%D9%89%20%D8%B3%D9%8A%D8%A7%D8%B1%D8%A9%20BMW%20XM%202023%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%D8%9F%D8%9F%20%D9%87%D9%84%20%D8%A3%D9%86%D8%AA%20%D9%85%D8%A4%D9%87%D9%84%20%D9%84%D8%B0%D9%84%D9%83!!%20-%20%D8%A7%D9%84%D8%B9%D8%A8%D9%87%D8%A7&en=scroll&epn.percent_scrolled=90&_et=9&tfd=6752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1091S15PKM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://go299.el3bha.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:48 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PR8HK8LQ3K&gtm=45je4bk0v9195997277za200zb9170184955&_p=1732623643362&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1041121296.1732623644&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732623644&sct=1&seg=0&dl=https%3A%2F%2Fgo299.el3bha.net%2F19844%2F&dt=%D9%85%D8%A7%D9%87%D9%8A%20%D9%81%D8%B1%D8%B5%20%D8%AD%D8%B5%D9%88%D9%84%D9%83%20%D8%B9%D9%84%D9%89%20%D8%B3%D9%8A%D8%A7%D8%B1%D8%A9%20BMW%20XM%202023%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%D8%9F%D8%9F%20%D9%87%D9%84%20%D8%A3%D9%86%D8%AA%20%D9%85%D8%A4%D9%87%D9%84%20%D9%84%D8%B0%D9%84%D9%83!!%20-%20%D8%A7%D9%84%D8%B9%D8%A8%D9%87%D8%A7&en=scroll&epn.percent_scrolled=90&_et=9&tfd=7862
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PR8HK8LQ3K&l=dataLayer&cx=c&gtm=45je4bk0v9170184955za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go299.el3bha.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://go299.el3bha.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:20:49 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
go299.el3bha.net
URL
blob:https://go299.el3bha.net/13c54cf9-5915-4906-bae5-6d8fd83c8095
Domain
el3bha.com
URL
https://el3bha.com/wp-content/uploads/2023/11/imageedit_5_7127475093-scaled.webp
Domain
el3bha.com
URL
https://el3bha.com/wp-content/uploads/2023/10/Almarai-Regular.ttf
Domain
el3bha.com
URL
https://el3bha.com/wp-content/uploads/2023/11/70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview.png
Domain
el3bha.com
URL
https://el3bha.com/wp-content/uploads/2023/11/70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview.png

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| gtag object| dataLayer string| TiktokAnalyticsObject object| ttq function| obApi object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| _wpemojiSettings object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| jQuery object| google_reactive_ads_global_state function| apiObj boolean| wpvq_facebook_new_API boolean| wpvq_front_quiz string| quizName number| quizId number| totalCountQuestions string| wpvq_type number| wpvq_multiplePersonalities boolean| wpvq_refresh_page boolean| wpvq_force_continue_button number| wpvq_scroll_speed boolean| wpvq_autoscroll_next_var string| wpvq_progressbar_content number| wpvq_wait_trivia_page string| i18n_wpvq_needEmailAlert string| i18n_wpvq_needNicknameAlert boolean| wpvq_checkMailFormat string| wpvq_local_caption string| wpvq_share_url string| wpvq_site_url string| wpvq_facebook_caption string| wpvq_facebook_description string| wpvq_refresh_url function| animateElement function| randomClass function| animateOnce function| animateInfinite function| animateEnd string| triggerClasses object| classesArray number| classAmount object| StickySidebar object| mfnSetup function| _ object| Mfn_livesearch object| mfn_livesearch_categories object| mfn function| queryLoopMasonry function| msnryGalleryInit object| FB object| lazySizes object| wpvq_analytics_vars function| wpvq_hook_beforeResults function| wpvq_test_ga function| wpvq_test_gaq string| ajaxurl string| wpvq_imgdir string| wpvq_i18n_loading_label function| PopupFeed function| openDialogFB string| wpvq_dont_use_FBAPI string| wpvq_API_already_loaded string| wpvq_facebookAppID string| wpvq_forceFacebookShare object| addComment object| __buffer object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmI5OWQ0MmE1ZWRiYmI5YWxvYWRlcl9qcw== string| ZmI5OWQ0MmE1ZWRiYmI5YWNhY2hlZF9qcw== 
object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| twemoji object| wp

9 Cookies

Domain/Path Name / Value
go299.el3bha.net/ Name: PHPSESSID
Value: 355738144bf929e3c6cb49de508f1a45
.el3bha.net/ Name: _ga
Value: GA1.1.1041121296.1732623644
.el3bha.net/ Name: _ga_1091S15PKM
Value: GS1.1.1732623643.1.0.1732623643.0.0.0
.el3bha.net/ Name: _ga_PR8HK8LQ3K
Value: GS1.1.1732623644.1.0.1732623644.0.0.0
.tiktok.com/ Name: _ttp
Value: 2pO4AUYMPokdEd3QQHTHtWgrKNI
go299.el3bha.net/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1732623645074%7D
.el3bha.net/ Name: _tt_enable_cookie
Value: 1
.el3bha.net/ Name: _ttp
Value: KsD7v9ITXh3hqmGRlUUooCkt2lZ.tt.1
.el3bha.net/ Name: cf_clearance
Value: mC5drIlJDAIgggYCD00LH6C3KXMzV35oqNL2V7pShhA-1732623645-1.2.1.1-ggn9NV83VtBFiAmJRHXyYkaLMxbgKJ9McMrdlYtqcvOXZY29edX1rMCv0wZhYmsYWrNDW4Ag2bDjr6eRkbqOlA20XHSXj6.Bf6at40UrY.Zi3ERVWI.1PqQ5F_nWtt3NpvsulWc2wSecnKlnvtQM58RIY1n7FOQLE8xet927W5IDXGUF7eoAJ.qwXXNYJFk61lOdOKl8jJlImq40mmhSsjPIMiDSkWky3O8b7v1DF.KMAtHhBwFtUmuxno_EoBOAwybBj3EQk5oNU2Xf_K8TR2OooitSIxzeeVKUw1TlZF2jRvtxuW9KQZ.Xk.RXnpzIbzZI17ZP81I32k2KyXiqLNjmlKiAJkW4UbkcZwH786XM661rYfg_nvKG.U7eq0rt

5 Console Messages

Source Level URL
Text
network error URL: https://el3bha.com/wp-content/uploads/2023/11/imageedit_5_7127475093-scaled.webp#22625
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
javascript error URL: https://go299.el3bha.net/19844/(Line 461)
Message:
Access to font at 'https://el3bha.com/wp-content/uploads/2023/10/Almarai-Regular.ttf#22594' from origin 'https://go299.el3bha.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://el3bha.com/wp-content/uploads/2023/10/Almarai-Regular.ttf#22594
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://el3bha.com/wp-content/uploads/2023/11/70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview.png#22622
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://el3bha.com/wp-content/uploads/2023/11/70b34a8a-7704-4b5d-a869-372c6d184d16-removebg-preview.png#22622
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
