weirdorconfusing.com Open in urlscan Pro
18.192.231.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://weirdorconfusing.com/
Effective URL:
https://weirdorconfusing.com/
Submission: On February 01 via api (February 1st 2024, 4:16:06 pm UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 96 HTTP transactions. The main IP is 18.192.231.252, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is weirdorconfusing.com. The Cisco Umbrella rank of the primary domain is 690139.
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.

This is the only time weirdorconfusing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	18.192.231.252 18.192.231.252	16509 (AMAZON-02) (AMAZON-02)
22	2600:9000:20c... 2600:9000:20c3:1a00:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:d... 2600:1901:0:d733::1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:c200:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26da:7e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.106 18.66.192.106	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:39f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
96	22

18 18.192.231.252 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

weirdorconfusing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:20c3:1a00:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

eocampaign1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:d733::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

shapecomb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:c200:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:7e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-106.muc50.r.cloudfront.net

impression-inferences-edge-prod.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:39f0 (United States)

ASN13335 (CLOUDFLARENET, US)

gallery.eo.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 5096	250 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	963 KB
18	weirdorconfusing.com 1 redirects weirdorconfusing.com — Cisco Umbrella Rank: 690139	774 KB
11	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	216 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 881 api.btloader.com — Cisco Umbrella Rank: 960	28 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 704 px.moatads.com — Cisco Umbrella Rank: 660 mb.moatads.com — Cisco Umbrella Rank: 809	44 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 ad.doubleclick.net — Cisco Umbrella Rank: 163	167 KB
3	shapecomb.com shapecomb.com — Cisco Umbrella Rank: 172499	24 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	8 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 918	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	293 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	165 KB
1	eo.page gallery.eo.page — Cisco Umbrella Rank: 163663	2 KB
1	playwire.com impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 8784	704 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 721	483 B
1	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 5099	130 KB
1	eocampaign1.com eocampaign1.com — Cisco Umbrella Rank: 167381	31 KB
96	17

	Domain	Requested by
22	cdn.intergient.com	weirdorconfusing.com cdn.intergient.com
18	weirdorconfusing.com	1 redirects weirdorconfusing.com
10	fonts.gstatic.com	fonts.googleapis.com www.google.com weirdorconfusing.com
9	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	eocampaign1.com www.gstatic.com www.google.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	api.btloader.com	btloader.com
3	shapecomb.com	cdn.intergient.com shapecomb.com
3	fonts.googleapis.com	weirdorconfusing.com client
2	ad-delivery.net	weirdorconfusing.com
2	securepubads.g.doubleclick.net	cdn.intergient.com securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	weirdorconfusing.com www.googletagmanager.com
1	mb.moatads.com	z.moatads.com
1	ad.doubleclick.net	weirdorconfusing.com
1	gallery.eo.page	weirdorconfusing.com
1	px.moatads.com	weirdorconfusing.com
1	z.moatads.com	cdn.intergient.com
1	btloader.com	cdn.intergient.com
1	impression-inferences-edge-prod.playwire.com	cdn.intergient.com
1	static.adsafeprotected.com	weirdorconfusing.com
1	cdn.intergi.com	cdn.intergient.com
1	eocampaign1.com	weirdorconfusing.com
96	23

This site contains links to these domains. Also see Links.

Domain
docs.google.com
tholman.com
www.amazon.com
emailoctopus.com

Subject Issuer	Validity	Valid
*.weirdorconfusing.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
cdn.intergient.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
eocampaign1.com GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
shapecomb.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.intergi.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.playwire.com Amazon RSA 2048 M03	`2024-01-12` - `2025-02-09`	a year	crt.sh
btloader.com GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
eo.page E1	`2023-12-13` - `2024-03-12`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://weirdorconfusing.com/
Frame ID: 3A057237D72F84A618FD7CE9A2E42CB3
Requests: 76 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=MHBiAvbtvk5Wb2eTZHoP1dUd&theme=light&size=invisible&cb=evdt88ktar6t
Frame ID: 8450297DDDF640C36FD30F5F00EC0750
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
Frame ID: 663977F3A490260058E20DFBDDFC47BF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weird or Confusing

Page URL History Show full URLs

http://weirdorconfusing.com/ HTTP 301
https://weirdorconfusing.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

96
Requests

100 %
HTTPS

73 %
IPv6

17
Domains

23
Subdomains

22
IPs

3
Countries

2804 kB
Transfer

6627 kB
Size

6
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/forms/d/e/1FAIpQLSf_jX02kXi2CoR1-LijkZod3Rm_c_YQluKcTR2jZ_qkD_Ix0w/viewform
Title: Suggest

Search URL Search Domain Scan URL

URL: https://tholman.com/
Title: Me

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B09RQCB3J6/?tag=oddthings-20
Title: Chicken Nugget Keychain on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B07QX3YJLH?tag=oddthings-20
Title: Tortilla Blanket on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/1539486125?tag=oddthings-20
Title: Farting Animal Coloring Book on Amazon

Search URL Search Domain Scan URL

URL: https://emailoctopus.com/?utm_source=powered_by_form&utm_medium=user_referral
Title: EmailOctopus

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B004A2LW6A?tag=oddthings-20
Title: Instant Underpants on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B00KAH704W?tag=oddthings-20
Title: Lie Down Glasses on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B07GTJ3WK4?tag=oddthings-20
Title: Nicolas Cage Sequin Pillow on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B076J8R7YK?tag=oddthings-20
Title: Stomach Fanny Pack on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B015LYSQJ6?tag=oddthings-20
Title: Bacon Bandages on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B073C95WTN?tag=oddthings-20
Title: Chia Bob Ross on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B072L38SGT?tag=oddthings-20
Title: Dehydrated Water on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B0090U47KA?tag=oddthings-20
Title: Grow a Boyfriend on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B002Q0L6UK/?tag=oddthings-20
Title: Handerpants on Amazon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://weirdorconfusing.com/ HTTP 301
https://weirdorconfusing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
weirdorconfusing.com/
Redirect Chain

http://weirdorconfusing.com/
https://weirdorconfusing.com/

23 KB
7 KB

23ms
8ms

Document
text/html

18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

70fa3b71a823c6c238d913947b4d315710a43650a0546fc07e11f3cbe344d1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18345
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-length: 6631
content-type: text/html; charset=UTF-8
date: Thu, 01 Feb 2024 16:16:01 GMT
etag: "286d2587e52ddc620abbbd1debefef71-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HNJQ9BB0RS9DCDSQQKWV4SCY

Redirect headers

Content-Length: 44
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Feb 2024 16:16:01 GMT
Location: https://weirdorconfusing.com/
Server: Netlify
X-Nf-Request-Id: 01HNJQ9BABGMSSA074CTGETQMD

GET
H2 200 ramp_config.js Show response
cdn.intergient.com/1024872/74069/ 41 KB
7 KB 94ms
16ms Script
application/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/1024872/74069/ramp_config.js
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 3cde3a31a6d3bcf72aef4c0f9f769a6821cf956f6e8c400829310c6cb71c49b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:14:40 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
age: 32480
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: R2BLIZNRt4F1J6_zZz8AuEeu4jJi7Ytgve26EseBPNLH8LMBFpGT5Q==

GET
H2 200 styles.css
weirdorconfusing.com/css/ 6 KB
2 KB 8ms
7ms Stylesheet
text/css 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://weirdorconfusing.com/css/styles.css

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

4fa0da5166fb1a78e114e1ae8397aa32c3383e4a32e1d46a82e6dac6c481d045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BBD4H9W66T644QTXMPW
date: Thu, 01 Feb 2024 16:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 18343
cache-status: "Netlify Edge"; hit
etag: "5649c6aa9aac63834d69fd237bf1a22a-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 1497

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
2 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f561375a580f5a2106b2c57dbcabda79b52500798d90be86fd32571d744dd75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 16:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 16:16:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 16:16:01 GMT

GET
H2 200 long-drip.png
weirdorconfusing.com/assets/images/ 88 KB
88 KB 9ms
8ms Image
image/png 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/long-drip.png

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

98ca4d5ca29397716a5bc48489630804f94f516f5b488e1956fbb8bf2e2c5228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BBDQ3HAKSWPYH8DE3M3
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 2157
cache-status: "Netlify Edge"; hit
etag: "bbfd06fe4c55fdd486540a36ce519d12-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 89673

GET
H2 200 bd191654-7be0-11ed-bbe5-392bd510cd34.js Show response
eocampaign1.com/form/ 208 KB
31 KB 232ms
169ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eocampaign1.com/form/bd191654-7be0-11ed-bbe5-392bd510cd34.js

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e99816549c04ba5309418013cfcaa35ee17ede3a036738191a77d75170ae7abd

Security Headers

Name	Value
Content-Security-Policy	default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-yRb/8MDIyuuEypJfk0LM7b/0OJk=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-security-policy: default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-yRb/8MDIyuuEypJfk0LM7b/0OJk=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: main-endpoint="http://eocampaign1.com/csp-report"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wkOzL5hwRveVfW6NfgCU81LmhoS0FcLJrB%2F2tOZNc3Ue3Rs2cRbdd5UpQJunLr0Md%2BP2h22HlLQ1bi3%2FXGzEP6Wv5yfl38rGVBkzG6zkGuep4%2Fu3YhcbJZ0eTNVhyJSzUOhMF7PHI0sTie2sqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
permissions-policy: camera=(), display-capture=(), geolocation=(), microphone=()
cf-ray: 84eb7f1c68992a3f-CDG

GET
H2 200 ramp_core.js Show response
cdn.intergient.com/ 2 KB
1 KB 106ms
40ms Script
application/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp_core.js
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2fbb1cd990a665dafd7c6fbd45e15b075f3e5905d4d8072711a2b264d81a5f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-lambda-function: us-east-1.pageos_production:316
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: 2usx_OaiWJEe-69Ebaet3kSDh_EV1tFQw863f4k5TulnLQnJouwn2A==

GET
H2 200 index.js Show response
weirdorconfusing.com/js/ 0
105 B 10ms
8ms Script
application/javascript 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://weirdorconfusing.com/js/index.js

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BBTEKAVGWTTYDWZYVKS
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 2157
cache-status: "Netlify Edge"; hit
etag: "0144712dd81be0c3d9724f5e56ce6685-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
89 KB 48ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e6c1c9fee799e16b810142f7602d53ce3ae84d26e89327486beeb605d9b6787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90694
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Feb 2024 16:16:01 GMT

GET
H2 200 amz-logo.svg
weirdorconfusing.com/assets/icons/ 3 KB
1 KB 8ms
8ms Image
image/svg+xml 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/icons/amz-logo.svg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

d8757ae1d42d691b7e3724f390785c0c99e804b2e4187eec4bf4602fac69d376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BCN76NTCDFA91F1504Y
date: Thu, 01 Feb 2024 16:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 18343
cache-status: "Netlify Edge"; hit
etag: "973513ef84232d339ed18854943288bd-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 1324

GET
H2 200 neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v30/ 33 KB
33 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9zoKmMw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:53:01 GMT
x-content-type-options: nosniff
age: 163380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33896
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:53:01 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 06:10:26 GMT
x-content-type-options: nosniff
age: 36335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 06:10:26 GMT

GET
H2 200 30-chicken-nugget-keychain-1.jpg
weirdorconfusing.com/assets/images/ 99 KB
99 KB 10ms
9ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/30-chicken-nugget-keychain-1.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

c849a2d9a07b6401ec0711ba57479eb94efee5c4ee60035c4dcd94a841066968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7E27Q8CJQ60X7MT4M
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 2155
cache-status: "Netlify Edge"; hit
etag: "5d7356d32efab7b681b4b3e8fb65df49-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 101411

GET
H2 200 30-chicken-nugget-keychain-main.jpg
weirdorconfusing.com/assets/images/ 30 KB
30 KB 10ms
9ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/30-chicken-nugget-keychain-main.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

b120dd71699f10ee1f28a2e428a5d128cb4052aede3a35cdf0170b90a82e514f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7XY3RW094B2J3FC17
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 2155
cache-status: "Netlify Edge"; hit
etag: "e5bad604f5874e2f76fbbafc3f0c966f-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 30318

GET
H2 200 30-chicken-nugget-keychain-2.jpg
weirdorconfusing.com/assets/images/ 64 KB
64 KB 15ms
14ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/30-chicken-nugget-keychain-2.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

fb40edd1d0456a9eb9d6f10769233a1ac96aa841465b007eb2739c3b580d8351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD73VJX0KT7A9TKD697
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 2155
cache-status: "Netlify Edge"; hit
etag: "b36661586acd72d396dee9ae9cfb082c-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 65134

GET
H2 200 29-tortilla-blanket-1.jpg
weirdorconfusing.com/assets/images/ 41 KB
41 KB 8ms
7ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/29-tortilla-blanket-1.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

a05e091bc7b165349b0d661e55560b20a3307f5a7b8ddf62bb2369fbd6c1f039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7EGNFYT96GVRBX4KS
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 2155
cache-status: "Netlify Edge"; hit
etag: "1ddc726b5bd23e33a3d5d24af960cf29-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 41530

GET
H2 200 29-tortilla-blanket-main.jpg
weirdorconfusing.com/assets/images/ 32 KB
32 KB 9ms
8ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/29-tortilla-blanket-main.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

d155f8240398ac0ab359d9bbd1c18156e57a15bfc8a161f39bf9b4b4ec7ff37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7SAJ00R0H0PRYGZ1G
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 2155
cache-status: "Netlify Edge"; hit
etag: "af93ba055ce609e4e99368481d368d00-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 32584

GET
H2 200 29-tortilla-blanket-2.jpg
weirdorconfusing.com/assets/images/ 62 KB
62 KB 10ms
9ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/29-tortilla-blanket-2.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

1e64f93311de0c01089d0454a51c5987a6b64b9a4af28cd348ea79f3435dc1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7G9YMW4K2A6C9JCVF
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 41631
cache-status: "Netlify Edge"; hit
etag: "e730321a249dcbacbe0dff237ae4c400-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 63327

GET
H2 200 13-farting-animals-1.jpg
weirdorconfusing.com/assets/images/ 45 KB
45 KB 26ms
25ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/13-farting-animals-1.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

4202c60ac74b67ee581c5b75554e68c51bb01282363e7d8e58484270a51844c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7GP7JWYATPHNAQRFX
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 23155
cache-status: "Netlify Edge"; hit
etag: "0cec0fa20020d1c74499de6bd1de0b4f-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 46395

GET
H2 200 13-farting-animals-main.jpg
weirdorconfusing.com/assets/images/ 68 KB
68 KB 15ms
14ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/13-farting-animals-main.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

d2ec796bd833a4c3c2718db3ca6225390be8e4d7b7173160222b28ca95a0307c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7AXD6ZBZXNDXJEH3A
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 23155
cache-status: "Netlify Edge"; hit
etag: "ce0e5922f6142927e579f29026bf687e-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 69894

GET
H2 200 13-farting-animals-2.jpg
weirdorconfusing.com/assets/images/ 40 KB
41 KB 17ms
17ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/13-farting-animals-2.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

4565d43253577ea193e68764f1dcccd171b7570dbf64b6fcc6a400c10c16a754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD7WC4BS1VKY656ZBTJ
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 23155
cache-status: "Netlify Edge"; hit
etag: "9d7d1edff421025794a96a0ae719ea99-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 41469

GET
H2 200 21-instant-underpants-1.jpg
weirdorconfusing.com/assets/images/ 33 KB
33 KB 17ms
17ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/21-instant-underpants-1.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

524428f48539fefc8f2f47c546db1f45675a0ecdc798365c7ab9dae0385346d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BD75W9JMZBS462YB1RC
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 9645
cache-status: "Netlify Edge"; hit
etag: "4a6b8d241a0790df6257bfe4173a59cd-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 34158

GET
H2 200 21-instant-underpants-main.jpg
weirdorconfusing.com/assets/images/ 89 KB
89 KB 27ms
26ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/21-instant-underpants-main.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

99e5dc98a3afdc1771cfa42e700d598b0d9c17290174fd03666664191b172035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BDCNH9K7TV0KWP2VCA7
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 9645
cache-status: "Netlify Edge"; hit
etag: "015866f710d83ff54be917bf510f7ec0-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 91190

GET
H2 200 21-instant-underpants-2.jpg
weirdorconfusing.com/assets/images/ 72 KB
72 KB 17ms
17ms Image
image/jpeg 18.192.231.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weirdorconfusing.com/assets/images/21-instant-underpants-2.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.192.231.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-231-252.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

c5a2731fe039aa470014f5cffdf36bde7bef0e2b83ecd7ed10a77bdcde798368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HNJQ9BDCEZJNP5V7533J0AEH
date: Thu, 01 Feb 2024 16:16:01 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 9645
cache-status: "Netlify Edge"; hit
etag: "25897403a78d7d16360b93dad08ff0c6-ssl"
content-type: image/jpeg
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 73728

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RF3445PVZM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f935ba97c5f72b7f5baf1fac0503f04cc32b214ea02f9d3ea630945c38aed2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Feb 2024 16:16:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 41ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJX3N3MESX&gtm=45je41v0v897220874&_p=1706804161909&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=2061908179.1706804162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706804162&sct=1&seg=0&dl=https%3A%2F%2Fweirdorconfusing.com%2F&dt=Weird%20or%20Confusing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=190
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 16:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weirdorconfusing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c73c29d774af9da8632cc28059f353e43400ea.index.js Show response
shapecomb.com/public/ 68 KB
24 KB 70ms
28ms Script
text/javascript 2600:1901:0:d733::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://shapecomb.com/public/c73c29d774af9da8632cc28059f353e43400ea.index.js

Requested by

Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ca5ef8094fb84670ee0256839b71caf2f6becc91d251def8b4f1973766fcfc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Thu, 01 Feb 2024 16:16:02 GMT
x-datacenter: gce-europe-west1
etag: "968e10ce32a21477f9b67c99dd6c03408c5315b2f50030fd70981a9acaa73d80"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-lbtz
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1156469846
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 78ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f1cfcb5e2e98d2eb3f32e02176cbeddd4d6f301df9c1d2c76950ae7b6fe163f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29799
x-xss-protection: 0
server: cafe
etag: 747 / 19754 / m202401290101 / config-hash: 10746953351813898889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:16:02 GMT

GET
H2 200 prebid.js.br Show response
cdn.intergi.com/prebid/ 497 KB
130 KB 48ms
7ms Script
text/javascript 2600:9000:211e:c200:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf252e94bf2c0bbbcb148c4a6a8eecd14ebc52a80cb8760eac283a6a7245f491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: q9Kv6QJtNCiJZCWLBTgiKYLA_3ozOaxj
content-encoding: br
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
date: Thu, 01 Feb 2024 07:56:54 GMT
last-modified: Wed, 10 Jan 2024 15:51:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 30546
x-amz-server-side-encryption: AES256
etag: "773c53f81ab65f520eea7c4a2b52c350"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 132312
x-amz-cf-id: 7S9yvMrej1LpQ1cmFln-MME0XS2hu9lJod8QJZCtV4UYYpcVlahWhw==

GET
H2 200 pageos.js Show response
cdn.intergient.com/pageos/1.10.32/ 1 KB
861 B 14ms
13ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 807b33a376f35f1504fc12010f80d40a17f46e36101a442c0d1775904d6634b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:26 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31477
etag: W/"3674e42a90008536ca6b0d36a7bd7da4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: zlcDavEUF_wuNkXNCAbCO0hXH3w0E4EglR7t9QE0A-NfQSrQlpaLsQ==

GET
H2 200 runtime.405484225a1cc8fc781b.js Show response
cdn.intergient.com/pageos/1.10.32/ 3 KB
2 KB 20ms
15ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/runtime.405484225a1cc8fc781b.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fd3d7844e774abe7c68678baad79ef8a8735bb16a4e71252ab02147b26601fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:22 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31481
etag: W/"0e1c58493b180774f8787cd5743c5448"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: p-s3rT8rbEGB4u8i9HQ8RenuM9V6XY31antrtaObVYC5IbFEn72RzA==

GET
H2 200 npm.babel.577605e3c19d95ee2583.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 4 KB
2 KB 21ms
17ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.babel.577605e3c19d95ee2583.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ac3add18dd91475983e7bb83698a64b1dbaff590b60ed9db8d9a396119ebad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:22 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31481
etag: W/"90f64a81dcd0d69efdd3283ee8bd8d7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: D7pTs_TrerScvWFal4MetK8HhKCAkX5rOcpv9-4J9x3oT59fG9na-A==

GET
H2 200 npm.core-js.f31a74216d6f6cd45483.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 16 KB
6 KB 22ms
18ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.core-js.f31a74216d6f6cd45483.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4d0ac2b5da3d104be4e005dad5b098ee9d502a335607663561492eb8bf7efb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:22 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31481
etag: W/"7c50efe4b7a5c1f79e40471999f01809"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: tlrivFbvrMHPx0WH4eAFhzbjExhf13TbhlLR-1wVe5f2Cfdu__62mQ==

GET
H2 200 npm.node-forge.3c761a594b15f1bc8ab2.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 274 KB
66 KB 24ms
19ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.node-forge.3c761a594b15f1bc8ab2.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9430ca65d64170fe7831fcd7ee244098531941366923a662c4821669512340cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:22 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31481
etag: W/"eff968a467600d5869bda90179f7e20b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: qad5PvZSvk6u5v4Bx0HZx-93ssqE0ifDcsfqFMPzIUH8-FLs-jlHOQ==

GET
H2 200 npm.lodash.0bb656828fd677849fe4.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 3 KB
2 KB 39ms
35ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.lodash.0bb656828fd677849fe4.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47335da2266533408f69770df9da1aea3a0775dcd21467b02cfe83a3ef7a7e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:23 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31480
etag: W/"be9c7aa9a10a590004eef22f91549e9a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: W80caubKkyCRyzYC9tzfAOqRZQE5VuJazjCytL7laF9W6UonNh4VYw==

GET
H2 200 npm.tldts-core.baf37f08bdef5091bcb2.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 5 KB
2 KB 40ms
35ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.tldts-core.baf37f08bdef5091bcb2.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83bed4ec5b459c42dcecdd942dd01900a1ad3a8ab928fb0f6007fd5c3ade1462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:23 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31480
etag: W/"f4fae13c5290084093adf39f9560c7db"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Wfs5Q7kSSfsFE97Oz_TkUVUy1O7nziKmXI2YSodp4zdch_ZPCoEI1Q==

GET
H2 200 npm.uuid.bb38c3b9f61128c1491b.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 1 KB
991 B 40ms
36ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.uuid.bb38c3b9f61128c1491b.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d91eb02126af4ca8f7f94f47db544b018aa3a2dbc84f2ea8623101f475a7ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:23 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31480
etag: W/"fbd6e0c8128b300161f0eddecc9a965b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: PfZex5aqe2v3cWnirFyr66NNRYMUt7_T6JKEl4jsWwYop3yhQdmFiQ==

GET
H2 200 npm.tldts.5d1a2f50a8e982ec93c1.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 104 KB
38 KB 41ms
37ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.tldts.5d1a2f50a8e982ec93c1.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71dbc4d302eeef48e7b185d8f3ea91fb05aef0d7ca2ff17d9d85631b42edfdb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:24 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31479
etag: W/"4de1bbc769ad1453c037c177f863b62d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: zOa-KqJ71bNHX8ycqnjAihLaZoZOcuwSxiWSohdAqiqmcvDedsDBBQ==

GET
H2 200 npm.ua-parser-js.87d87f4c914560bfd6e3.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 17 KB
8 KB 47ms
43ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.ua-parser-js.87d87f4c914560bfd6e3.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f72c753000a9e31b145e27900b8dc595130b08a04d56f86053aef689b59b05e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:24 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31479
etag: W/"36d2b2024e8116348b54e9470fd813d3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: uUIc2SxXTtpWp67B-GqlUsE7_pIh3aiPfj37r3IIX4LpnEaYbI8ETg==

GET
H2 200 npm.intersection-observer.3193b9e08f0049b7b4ed.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 9 KB
3 KB 47ms
44ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.intersection-observer.3193b9e08f0049b7b4ed.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cfd8f747f151be5efaa25034ce0c6187dabebf35756a0c22e73a10b55ad9883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:24 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31479
etag: W/"fa5ae7adfad172697f4e44144fca04a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: zbFt0ulCvVLArfKayD9mK7QSV3sL6A0vpW6r8ACsFHC_frs2sBLGKw==

GET
H2 200 npm.ieee754.311fc3c8b90ccd4f62d3.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 1 KB
996 B 48ms
45ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.ieee754.311fc3c8b90ccd4f62d3.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10c1d7a5e91dec12cb4a76adf756add72651adf3c75e52a40743bcda0d828c91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:24 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31479
etag: W/"a34b4d463351ee25923551e22aaff576"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: JSIwzPkvA9rfEeqTYVcQ7azYyqeP2A0CLb_YUrLyd1BMjSOB5rcLXw==

GET
H2 200 npm.buffer.8c8e6040482295cd63a9.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 20 KB
6 KB 48ms
45ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.buffer.8c8e6040482295cd63a9.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80e28d645699b9b16ac28e44377a7a8831a1a59823895ccac2b0ac462ccb6db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:25 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31478
etag: W/"7779bd1da0b39290bbfd76f486703941"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: -R_sTB5bA9-91KX2E20zXrlrBbe6svu5OH3oYKT5zftys6xcrsK5Mw==

GET
H2 200 npm.base64-js.fd0d599eb41eee80ac19.js Show response
cdn.intergient.com/pageos/1.10.32/vendor/ 1 KB
1 KB 49ms
46ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/vendor/npm.base64-js.fd0d599eb41eee80ac19.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be98b23d8a875e2b70630161759ad2b83a2c43acec9d01ad86884673feaf9894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:25 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31478
etag: W/"5560d29641c3943c4cabe751f1928b56"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: k6J7mTJzT_k926Pq2TIqKPxP-8G6OF84fJtWLLeNKpzTLKDO0mLlgA==

GET
H2 200 main.12bdcca450f17dc87029.js Show response
cdn.intergient.com/pageos/1.10.32/ 144 KB
39 KB 49ms
47ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/main.12bdcca450f17dc87029.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a25b35fdcbc736af646299cfebaaf632d98c41127abf3a2c66a3ead97e5f4da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:25 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31478
etag: W/"0d365a1f388eab475eeb88758e383b7b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: b7WDWQpbiFcLELPPOGaTrs10pNTqNXtPRyIw5-AsxjmjZ07GB3GVQQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RF3445PVZM&gtm=45je41v0v9102397036&_p=1706804161909&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=2061908179.1706804162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706804162&sct=1&seg=0&dl=https%3A%2F%2Fweirdorconfusing.com%2F&dt=Weird%20or%20Confusing&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1706804161909&tfd=241
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RF3445PVZM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 16:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weirdorconfusing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 75ms
17ms Image
image/gif 2600:9000:26da:7e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_343158
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 4488379
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 5oWU6vhybUW2vETYFXb7_OObveAvrIbC4rTA5NKcRZnlvB163N_z5g==

GET
H2 200 videoCard.0ade41255267a986b7f9.js Show response
cdn.intergient.com/pageos/1.10.32/ 555 B
934 B 14ms
14ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/videoCard.0ade41255267a986b7f9.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/runtime.405484225a1cc8fc781b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 184b753eb7ee8ace3abc3e6db8facfe5e2bced8574fe21391edb7abea71d343e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:01:53 GMT
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 83650
etag: "623d9e0ced78fed3a6f039501c0975e6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 555
x-amz-cf-id: h-QizVjNQZJaDr0ovAvhJQkYCDUOmPzEJylCY2XNiCVy_PoCuydVFA==

GET
H2 200 batchHandler.712efb919d92d7a3f3d8.js Show response
cdn.intergient.com/pageos/1.10.32/ 3 KB
2 KB 15ms
15ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/batchHandler.712efb919d92d7a3f3d8.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/runtime.405484225a1cc8fc781b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc211d3f0df83976c6d3243536973065e0393260b7e0259e087a9fe9ebb09ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:26 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31476
etag: W/"c86b4b72aeb3e2fa6d45ff2243ba5eda"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 2I6rM1V0fllUVJ1gO7cvkXY9XUedP8JozVimgGMf6YNIbMAiyesP_A==

GET
H2 200 gdpr.9eba065f0a22be01768e.js Show response
cdn.intergient.com/pageos/1.10.32/ 6 KB
2 KB 15ms
15ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/gdpr.9eba065f0a22be01768e.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/runtime.405484225a1cc8fc781b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9661af25cf556a79ed0f7aeb375e9672ff3ceac1df6652a10fd9bb38efe5c31b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:26 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31476
etag: W/"a11ba0ea5f2e8e3cae1bfe2d10c44d85"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: izYexf557WvWiAXvGF7Vk63kYGjTfoXcjCElH7GQ4l5-F0b-ydIaOg==

GET
H2 200 GDPR Show response
impression-inferences-edge-prod.playwire.com/websites/74069/v1/Thu/11/desktop/Chrome/ 2 KB
704 B 84ms
31ms XHR
application/json 18.66.192.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://impression-inferences-edge-prod.playwire.com/websites/74069/v1/Thu/11/desktop/Chrome/GDPR
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/main.12bdcca450f17dc87029.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-106.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 104f87cf5c541b46faf3a5ee0b5a599323dfb2726cb47bb113e7d39dd68177b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:00:04 GMT
content-encoding: br
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P1
age: 958
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600, public, must-revalidate
x-amz-cf-id: dZgE6lRCEOfkh6QekH-3XeIis2NgailiZiYjj_m52kUbkYLhskV6fQ==

GET
H2 200 tag Show response
btloader.com/ 97 KB
28 KB 36ms
18ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/main.12bdcca450f17dc87029.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad76567625c74001883dd413e55b82cd443751cfd6bc76e9ce76505e3a8ee5b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 15:57:28 GMT
server: cloudflare
age: 974
etag: "06d871a90f1f68c6ac985cbf1a5e4396"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 84eb7f1deb9a6adf-FRA
content-length: 28415

GET
H2 200 nielsen.177940d117fe5b665b32.js Show response
cdn.intergient.com/pageos/1.10.32/ 1 KB
1 KB 14ms
10ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.32/nielsen.177940d117fe5b665b32.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/runtime.405484225a1cc8fc781b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3aea5db5acd0fad553746757387624977fe535db0c6e8692bcb8253c21540e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 07:31:26 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 14:45:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31476
etag: W/"17bd0e80bee3774647f85b539bd0cbb3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: WgKB9V5hOsBGWF_PIf1MZkfhfLD72-sWlAQ6wD-DWeblZH_K0vNmyA==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 115 KB
43 KB 59ms
14ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/main.12bdcca450f17dc87029.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fe5cbc2686cc18569a4839fa27912feed13b18ddaf7c88fe85a596de3c34f922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:56:47 GMT
server: AmazonS3
x-amz-request-id: R8EXRQZRMYB98QWY
etag: "7e272de710a5a4cbd8f5f024e4874845"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=54545
accept-ranges: bytes
content-length: 43783
x-amz-id-2: psxSmp5x6P2UMdi4CbwVZwuCZ04i6yTZRkUO+k4upyHRYmdeaRLL89P7EO+TrhgLz+8IVv2iooznO+xr4/VfheT7o4Hy5uVr65uBRJGV3W0=

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 60ms
17ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 01 Feb 2024 16:16:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Feb 2024 16:16:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 761 B
478 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 15:53:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 16:16:02 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForbd1916547be011edbbe5392bd510cd34&render=explicit

Requested by

Host: eocampaign1.com
URL: https://eocampaign1.com/form/bd191654-7be0-11ed-bbe5-392bd510cd34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0198483a985e95f7c02deac233964afefb72155a7cb8ad1dcbfaf346c0fb37ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 01 Feb 2024 16:16:02 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ 436 KB
136 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 14:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5892
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139485
x-xss-protection: 0
server: cafe
etag: 9760076492862216199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 31 Jan 2025 14:37:50 GMT

GET
H2 200 otto.svg
gallery.eo.page/tentacles/icons/v1/powered-by/ 3 KB
2 KB 155ms
34ms Image
image/svg+xml 2606:4700:3032::6815:39f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gallery.eo.page/tentacles/icons/v1/powered-by/otto.svg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:39f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
x-amz-version-id: null
via: 1.1 87460d1a148290fafb5fd26353cffdee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P5
age: 459
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Dec 2020 17:25:12 GMT
server: cloudflare
etag: W/"72cefcb1dfdc4a35d5899af8e6f9f06c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBDPJQPmPAwpduwHaJshqWiogFU%2BVNwoaXmqbHuGXC5nh%2Bq5IlhRIgGamHm8Mrl5LyLTjsO8bT46ccaJlwEyoMnQBYyuvkWq1ZfNuobVIfxlevHfusCEvcw%2FtykebWZNZKrA8G8d6HF32VG35%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 84eb7f1ebe67153f-CDG
x-amz-cf-id: ZZXnmr75-YDhUk2SYsELaTannPTmkHNSE_4qFkaf30e9ugWBlKrG7Q==

GET
H2 200 aws-sdk-kinesis.min.js.br Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
57 KB 16ms
14ms Script
text/javascript 2600:9000:20c3:1a00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.32/batchHandler.712efb919d92d7a3f3d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 06:54:39 GMT
content-encoding: br
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 19:02:54 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 33684
etag: "575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 57858
x-amz-cf-id: FTZyEiEdhgCXI6StR3L9N2CPDU9F8peKGijRNQGNkVXynwFnpKMOjw==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 142ms
120ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Feb 2024 16:16:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 45ms
17ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52498
x-guploader-uploadid: ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeN8soEn0uUsCLDdCiTE7wV1OhTNI9ADOZAaEFiYwkKWiAoRA4q3JLEC3tXhiXqLAholPY8oLYqey%2Fe0pxDPi0DzlragRfRDiQzNvNY8M86Kh6DK%2FR25WT%2FrqlLu5Nxa%2FsSmT6IeESOmArJucw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 84eb7f1e3d947188-FRA
expires: Thu, 01 Feb 2024 02:06:06 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 29ms
7ms Image
image/x-icon 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 12:58:06 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
916 B 43ms
16ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.28990666376435503
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52498
x-guploader-uploadid: ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlOmUBtp6wbOfRvTqWGbHAC7ewLQJO4ckJQ9R2Y3LfAubPHvFiMDE1aHyBLjTtbwM7eNw753%2BHVuk4lED79XCyG01mIHM2ty5Wz2xfOF4qLssUsX1yqBuglyvMwGUS1Urn1HdLGbgqMunBVGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 84eb7f1e3d967188-FRA
expires: Thu, 01 Feb 2024 02:06:06 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:11:24 GMT
x-content-type-options: nosniff
age: 162278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:11:24 GMT

GET
H2 200 154013155 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 65ms
43ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/154013155?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d270385f1c71d4dab86509a14930f04cbef76dc0e860f3f7b86c247dd17fcd0e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L4V-XQvfsYAh1sosQVU6BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-L4V-XQvfsYAh1sosQVU6BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh-NQ-_u1bAIdJ9oWMgIA04dZRQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 491 KB
196 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForbd1916547be011edbbe5392bd510cd34&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weirdorconfusing.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 02:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 02:37:06 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 347 B
526 B 154ms
62ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MAJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-GSTs7Lvoz2IHVpi6j1dGYr91P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-Fe6rgEk%2F0rYACQ%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fweirdorconfusing.com%2F&pcode=playwireprebidheader597261727146&rx=95891217123&callback=MoatNadoAllJsonpRequest_53296852
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2c4501f5219d5e6e35862e36006c51a0d39ee9e9b01e446cfac626e510326255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
server: istio-envoy
etag: "6c63ada7349ddebd47a0bdd6bac6c8fb0d2e44a6"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 35
timing-allow-origin: *
content-length: 347

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8450 45 KB
29 KB 29ms
29ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=MHBiAvbtvk5Wb2eTZHoP1dUd&theme=light&size=invisible&cb=evdt88ktar6t

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b59280c12663c1ecc55a15617c09923730479b573896022e44f42db8bf325f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vaj2Y9crO43gjuYC4lwNxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weirdorconfusing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Vaj2Y9crO43gjuYC4lwNxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 16:16:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 AGSKWxXd6ND7BsEkF3IeSA3VKgjbF0Y8C7qxmi1ptui7MQBNZdWBQE4HKCW2BebXLWGVzuyWSN8YrcP0P8NglytAdtUAxeZu2ApOA5wRS5XRhYBiNkXaQv7Xrm1SgcRxv8veJoojHF-6fA== Show response
fundingchoicesmessages.google.com/f/ 623 KB
82 KB 162ms
162ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXd6ND7BsEkF3IeSA3VKgjbF0Y8C7qxmi1ptui7MQBNZdWBQE4HKCW2BebXLWGVzuyWSN8YrcP0P8NglytAdtUAxeZu2ApOA5wRS5XRhYBiNkXaQv7Xrm1SgcRxv8veJoojHF-6fA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2ODA0MTYyLDM3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbS8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1183fa6e0a645528987cae2f0143f28817835f33d8686b978eb8dcf48092ad71

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pmLEw_mAUvt9VCmZhIza6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pmLEw_mAUvt9VCmZhIza6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KIhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZOL6-ZJIAYjUgfif5iukbEO_w8WB5Ez6dlS0CiCums_IBcVzddNYcIOZbN51Vc_101i1nprPuAeKY59NZU4B4MesM1tVAPCVwBuscIG6JnsE6CYid0mewBgDx58wZrL-B2Kd-BmsUEJfdPsdaB8TCcudZpYFYiIfjUPv7tWwCKx6d-sUIACEEXyg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 117ms
117ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 117ms
117ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=vj6vDpmZA8&w=5109211052113920&o=5150306120761344&cv=2.1.30-2-g4e2aded&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fweirdorconfusing.com%2F&sid=eTvE17vpzD&pm=false&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Feb 2024 16:16:02 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 8450 55 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=MHBiAvbtvk5Wb2eTZHoP1dUd&theme=light&size=invisible&cb=evdt88ktar6t

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 12:51:38 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 8450 491 KB
196 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 02:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 02:37:06 GMT

GET
H3 200 KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js Show response
www.google.com/js/bg/ Frame 8450 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=MHBiAvbtvk5Wb2eTZHoP1dUd&theme=light&size=invisible&cb=evdt88ktar6t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6842
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:58:24 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8450 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 245948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 05 Feb 2024 19:56:54 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8450 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 578946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8450 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:08:25 GMT
x-content-type-options: nosniff
age: 281257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 10:08:25 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8450 102 B
135 B 16ms
16ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=MHBiAvbtvk5Wb2eTZHoP1dUd&theme=light&size=invisible&cb=evdt88ktar6t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 01 Feb 2024 16:16:02 GMT

POST
H3 200 3bf4efb507f1bed23594d189e79b38348a0de792cbb6f2d43d6be7 Show response
shapecomb.com/send/ 303 B
330 B 42ms
26ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://shapecomb.com/send/3bf4efb507f1bed23594d189e79b38348a0de792cbb6f2d43d6be7

Requested by

Host: shapecomb.com
URL: https://shapecomb.com/public/c73c29d774af9da8632cc28059f353e43400ea.index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

67fe2cca5ba416dde84248f6ca96ae7856ae9d647acdd51d62250383d71a4789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://weirdorconfusing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 01 Feb 2024 16:16:02 GMT
via: 1.1 google
x-buildnumber: 1156469846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://weirdorconfusing.com
x-hostname: fen-hoothoot-europe-west1-lbtz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 01 Feb 2024 16:16:01 GMT

POST
H3 200 ed59972df3a55203e2ee6641dfe446b3ce5cbfb77a1399d8 Show response
shapecomb.com/2d304c/ 3 B
29 B 26ms
26ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://shapecomb.com/2d304c/ed59972df3a55203e2ee6641dfe446b3ce5cbfb77a1399d8

Requested by

Host: shapecomb.com
URL: https://shapecomb.com/public/c73c29d774af9da8632cc28059f353e43400ea.index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://weirdorconfusing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 01 Feb 2024 16:16:02 GMT
via: 1.1 google
x-buildnumber: 1156469846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://weirdorconfusing.com
x-hostname: fen-hoothoot-europe-west1-lbtz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 01 Feb 2024 16:16:01 GMT

GET
H3 200 css
fonts.googleapis.com/ 100 KB
5 KB 27ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx30KSgFiR5BFnNJbpBGjmlO4oozg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 16:16:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 16:16:02 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weirdorconfusing.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:10:32 GMT
x-content-type-options: nosniff
age: 162330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:10:32 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 6639 7 KB
1 KB 28ms
27ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

741e171f927805d83acf03ab6c6177cb37995036b755346e193c0c11d4e08408

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B6ghZuD-E_HxwElQNeoE0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weirdorconfusing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-B6ghZuD-E_HxwElQNeoE0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 16:16:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weirdorconfusing.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:19:49 GMT
x-content-type-options: nosniff
age: 222973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 02:19:49 GMT

POST
H3 204 AGSKWxXaRNO9YeddUda7NL64CdWAii3dZ78yCZ-gcKurdbviZzrTmJzKBst1Jo7ITQvAuc4KOesgLa8BpcJrjYGhjpOxkoETqUOcVpcTIlIDSSHUCWCvLZ2UjuscqMRxGYeGlMvrcgu2VQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 45ms
28ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXaRNO9YeddUda7NL64CdWAii3dZ78yCZ-gcKurdbviZzrTmJzKBst1Jo7ITQvAuc4KOesgLa8BpcJrjYGhjpOxkoETqUOcVpcTIlIDSSHUCWCvLZ2UjuscqMRxGYeGlMvrcgu2VQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--rL_LZCGV_VJ4ZymXDY0rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://weirdorconfusing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-security-policy: script-src 'report-sample' 'nonce--rL_LZCGV_VJ4ZymXDY0rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcBxqf7-WTeDCj7fHmQDrLSNN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://weirdorconfusing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 6639 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 12:51:38 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 6639 491 KB
196 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 02:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 02:37:06 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 6639 20 KB
15 KB 44ms
44ms XHR
application/json 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da6db18d63ecc543e134554b0e9311b2c5781addc4950a971fab806aadad787a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 01 Feb 2024 16:16:02 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6639 600 B
624 B 6ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:59 GMT
x-content-type-options: nosniff
age: 162483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 19:07:59 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6639 530 B
554 B 12ms
12ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:02:16 GMT
x-content-type-options: nosniff
age: 162826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 19:02:16 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6639 665 B
689 B 14ms
14ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:59 GMT
x-content-type-options: nosniff
age: 162483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 19:07:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6639 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 578946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6639 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:34:06 GMT
x-content-type-options: nosniff
age: 254516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 17:34:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6639 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:08:25 GMT
x-content-type-options: nosniff
age: 281257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 10:08:25 GMT

GET
H3 200 KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js Show response
www.google.com/js/bg/ Frame 6639 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6842
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:58:24 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 6639 14 KB
14 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA7Q9TxxgIQlIPufAcIIPveOJ4DyX1UCWiTsNYXfSw7Z2QhMypE3u9_qLnixuAvxMGwrL_DRFj3xwlbwwzvVCuYqgPY7Q3-Ixh7Rr9p5t3rGs5Oh-g3O1ZnYGJBJDkleXfo8KGgoYoaBEdAIRpr1nKRpeli97ZZrygd-4c42PIeFK5CDDnMVynawTBGIfl6XAHWQW0QjxHOpFPClwQeGsYeh92LhXQ&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d37d0176a9e2c8261ab655e3f0e1c67d58f30fe953915c0e6f4591fbceae80ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:16:02 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 01 Feb 2024 16:16:02 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 22:25:56	Name: _GRECAPTCHA Value: 09AEqpVBlO3OyLsONAK9pP4hJhd_RAUYbJKdaZrM0xxpDiixkYm-EufAbafqREYXARCUjoycMsY2JKJ278J21QA1c
.weirdorconfusing.com/	1970-01-21 03:42:44	Name: _ga_LJX3N3MESX Value: GS1.1.1706804162.1.0.1706804162.0.0.0
.weirdorconfusing.com/	1970-01-21 03:42:44	Name: _ga Value: GA1.1.2061908179.1706804162
.weirdorconfusing.com/	1970-01-21 03:42:44	Name: _ga_RF3445PVZM Value: GS1.1.1706804162.1.0.1706804162.0.0.0
weirdorconfusing.com/	1970-01-21 03:28:20	Name: usprivacy Value: 1---
.weirdorconfusing.com/	1970-01-21 03:35:32	Name: _awl Value: 2.1706804162.5-3062fffae6af2434e1d4bbafecafcdbe-6763652d6575726f70652d7765737431-0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://weirdorconfusing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://weirdorconfusing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
cdn.intergi.com
cdn.intergient.com
eocampaign1.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gallery.eo.page
impression-inferences-edge-prod.playwire.com
mb.moatads.com
px.moatads.com
region1.google-analytics.com
securepubads.g.doubleclick.net
shapecomb.com
static.adsafeprotected.com
weirdorconfusing.com
www.google.com
www.googletagmanager.com
www.gstatic.com
z.moatads.com
130.211.23.194
141.147.81.223
142.250.184.198
18.192.231.252
18.66.192.106
2001:4860:4802:32::36
23.35.237.151
2600:1901:0:d733::1
2600:9000:20c3:1a00:12:4abd:d340:93a1
2600:9000:211e:c200:14:2602:6e80:93a1
2600:9000:26da:7e00:8:48e:53c0:93a1
2606:4700:10::6816:4ad8
2606:4700:20::ac43:4513
2606:4700:3032::6815:39f0
2a00:1450:4001:806::2003
2a00:1450:4001:810::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a06:98c1:3120::3
0198483a985e95f7c02deac233964afefb72155a7cb8ad1dcbfaf346c0fb37ad
0ac3add18dd91475983e7bb83698a64b1dbaff590b60ed9db8d9a396119ebad8
0d91eb02126af4ca8f7f94f47db544b018aa3a2dbc84f2ea8623101f475a7ea3
0f1cfcb5e2e98d2eb3f32e02176cbeddd4d6f301df9c1d2c76950ae7b6fe163f
0fd3d7844e774abe7c68678baad79ef8a8735bb16a4e71252ab02147b26601fb
104f87cf5c541b46faf3a5ee0b5a599323dfb2726cb47bb113e7d39dd68177b9
10c1d7a5e91dec12cb4a76adf756add72651adf3c75e52a40743bcda0d828c91
1183fa6e0a645528987cae2f0143f28817835f33d8686b978eb8dcf48092ad71
184b753eb7ee8ace3abc3e6db8facfe5e2bced8574fe21391edb7abea71d343e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e64f93311de0c01089d0454a51c5987a6b64b9a4af28cd348ea79f3435dc1c5
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919
2c4501f5219d5e6e35862e36006c51a0d39ee9e9b01e446cfac626e510326255
2fbb1cd990a665dafd7c6fbd45e15b075f3e5905d4d8072711a2b264d81a5f90
3aea5db5acd0fad553746757387624977fe535db0c6e8692bcb8253c21540e6d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cde3a31a6d3bcf72aef4c0f9f769a6821cf956f6e8c400829310c6cb71c49b4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4202c60ac74b67ee581c5b75554e68c51bb01282363e7d8e58484270a51844c7
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4565d43253577ea193e68764f1dcccd171b7570dbf64b6fcc6a400c10c16a754
47335da2266533408f69770df9da1aea3a0775dcd21467b02cfe83a3ef7a7e2f
49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e
4cfd8f747f151be5efaa25034ce0c6187dabebf35756a0c22e73a10b55ad9883
4fa0da5166fb1a78e114e1ae8397aa32c3383e4a32e1d46a82e6dac6c481d045
524428f48539fefc8f2f47c546db1f45675a0ecdc798365c7ab9dae0385346d1
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e6c1c9fee799e16b810142f7602d53ce3ae84d26e89327486beeb605d9b6787
67fe2cca5ba416dde84248f6ca96ae7856ae9d647acdd51d62250383d71a4789
6a25b35fdcbc736af646299cfebaaf632d98c41127abf3a2c66a3ead97e5f4da
70fa3b71a823c6c238d913947b4d315710a43650a0546fc07e11f3cbe344d1a0
71dbc4d302eeef48e7b185d8f3ea91fb05aef0d7ca2ff17d9d85631b42edfdb4
741e171f927805d83acf03ab6c6177cb37995036b755346e193c0c11d4e08408
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b59280c12663c1ecc55a15617c09923730479b573896022e44f42db8bf325f1
807b33a376f35f1504fc12010f80d40a17f46e36101a442c0d1775904d6634b3
80e28d645699b9b16ac28e44377a7a8831a1a59823895ccac2b0ac462ccb6db6
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83bed4ec5b459c42dcecdd942dd01900a1ad3a8ab928fb0f6007fd5c3ade1462
88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8f561375a580f5a2106b2c57dbcabda79b52500798d90be86fd32571d744dd75
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9430ca65d64170fe7831fcd7ee244098531941366923a662c4821669512340cc
9661af25cf556a79ed0f7aeb375e9672ff3ceac1df6652a10fd9bb38efe5c31b
98ca4d5ca29397716a5bc48489630804f94f516f5b488e1956fbb8bf2e2c5228
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
99e5dc98a3afdc1771cfa42e700d598b0d9c17290174fd03666664191b172035
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a05e091bc7b165349b0d661e55560b20a3307f5a7b8ddf62bb2369fbd6c1f039
a4d0ac2b5da3d104be4e005dad5b098ee9d502a335607663561492eb8bf7efb1
ad76567625c74001883dd413e55b82cd443751cfd6bc76e9ce76505e3a8ee5b1
b120dd71699f10ee1f28a2e428a5d128cb4052aede3a35cdf0170b90a82e514f
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
be98b23d8a875e2b70630161759ad2b83a2c43acec9d01ad86884673feaf9894
c5a2731fe039aa470014f5cffdf36bde7bef0e2b83ecd7ed10a77bdcde798368
c849a2d9a07b6401ec0711ba57479eb94efee5c4ee60035c4dcd94a841066968
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5ef8094fb84670ee0256839b71caf2f6becc91d251def8b4f1973766fcfc7b
cf252e94bf2c0bbbcb148c4a6a8eecd14ebc52a80cb8760eac283a6a7245f491
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d155f8240398ac0ab359d9bbd1c18156e57a15bfc8a161f39bf9b4b4ec7ff37e
d270385f1c71d4dab86509a14930f04cbef76dc0e860f3f7b86c247dd17fcd0e
d2ec796bd833a4c3c2718db3ca6225390be8e4d7b7173160222b28ca95a0307c
d37d0176a9e2c8261ab655e3f0e1c67d58f30fe953915c0e6f4591fbceae80ed
d8757ae1d42d691b7e3724f390785c0c99e804b2e4187eec4bf4602fac69d376
d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da6db18d63ecc543e134554b0e9311b2c5781addc4950a971fab806aadad787a
dc211d3f0df83976c6d3243536973065e0393260b7e0259e087a9fe9ebb09ab5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e99816549c04ba5309418013cfcaa35ee17ede3a036738191a77d75170ae7abd
f72c753000a9e31b145e27900b8dc595130b08a04d56f86053aef689b59b05e1
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
f935ba97c5f72b7f5baf1fac0503f04cc32b214ea02f9d3ea630945c38aed2f0
fb40edd1d0456a9eb9d6f10769233a1ac96aa841465b007eb2739c3b580d8351
fe5cbc2686cc18569a4839fa27912feed13b18ddaf7c88fe85a596de3c34f922

weirdorconfusing.com Open in urlscan Pro 18.192.231.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

100 %HTTPS

73 %IPv6

17 Domains

23 Subdomains

22 IPs

3 Countries

2804 kBTransfer

6627 kBSize

6 Cookies

15 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

weirdorconfusing.com Open in urlscan Pro
18.192.231.252 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

100 %
HTTPS

73 %
IPv6

17
Domains

23
Subdomains

22
IPs

3
Countries

2804 kB
Transfer

6627 kB
Size

6
Cookies

96 HTTP transactions
0 data transactions