freebieshere2306.click Open in urlscan Pro
185.155.184.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://grigny21.transitdata2019.fr/
Effective URL:
http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
Submission: On October 22 via api (October 22nd 2023, 11:09:00 pm UTC) from US — Scanned from US

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 42 HTTP transactions. The main IP is 185.155.184.225, located in Switzerland and belongs to AS5398, CH. The main domain is freebieshere2306.click.

This is the only time freebieshere2306.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3030::ac43:cc7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	92.61.114.179 92.61.114.179	44302 (IECHU-AS) (IECHU-AS)
4	2606:4700:303... 2606:4700:3034::ac43:c249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:17df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.153.101 172.64.153.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.61.132 108.138.61.132	16509 (AMAZON-02) (AMAZON-02)
1	2600:1408:c40... 2600:1408:c400:382::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
9	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
12	185.155.184.225 185.155.184.225	5398 (AS5398) (AS5398)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	13

7 2606:4700:3030::ac43:cc7c (United States)

ASN13335 (CLOUDFLARENET, US)

grigny21.transitdata2019.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
transitdata2019.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.61.114.179 (Budapest, Hungary)

ASN44302 (IECHU-AS, HU)
PTR: r10.prohardver.hu

prohardver.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:c249 (United States)

ASN13335 (CLOUDFLARENET, US)

www.napiszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:17df (United States)

ASN13335 (CLOUDFLARENET, US)

assets.fireside.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.101 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-profiles.tunein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.61.132 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-61-132.iad12.r.cloudfront.net

d1hlpam123zqko.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:382::2a1 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.155.184.225 (Switzerland)

ASN5398 (AS5398, CH)

freebieshere2306.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	freebieshere2306.click freebieshere2306.click	291 KB
9	gstatic.com fonts.gstatic.com	277 KB
7	transitdata2019.fr grigny21.transitdata2019.fr transitdata2019.fr	41 KB
4	napiszar.com www.napiszar.com
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10154	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183	7 KB
1	mzstatic.com is4-ssl.mzstatic.com — Cisco Umbrella Rank: 6113	177 KB
1	cloudfront.net d1hlpam123zqko.cloudfront.net	85 KB
1	tunein.com cdn-profiles.tunein.com — Cisco Umbrella Rank: 40340	150 KB
1	fireside.fm assets.fireside.fm — Cisco Umbrella Rank: 708883	56 KB
1	prohardver.hu prohardver.hu	401 KB
0	szalagavatoruhaszalon.hu Failed www.szalagavatoruhaszalon.hu Failed
42	13

	Domain	Requested by
12	freebieshere2306.click	grigny21.transitdata2019.fr freebieshere2306.click
9	fonts.gstatic.com	fonts.googleapis.com
4	www.napiszar.com	grigny21.transitdata2019.fr
4	grigny21.transitdata2019.fr	grigny21.transitdata2019.fr
3	transitdata2019.fr	grigny21.transitdata2019.fr
2	counter.yadro.ru	1 redirects grigny21.transitdata2019.fr
2	fonts.googleapis.com	grigny21.transitdata2019.fr freebieshere2306.click
1	maxcdn.bootstrapcdn.com	freebieshere2306.click
1	is4-ssl.mzstatic.com	grigny21.transitdata2019.fr
1	d1hlpam123zqko.cloudfront.net	grigny21.transitdata2019.fr
1	cdn-profiles.tunein.com	grigny21.transitdata2019.fr
1	assets.fireside.fm	grigny21.transitdata2019.fr
1	prohardver.hu	grigny21.transitdata2019.fr
0	www.szalagavatoruhaszalon.hu Failed	grigny21.transitdata2019.fr
42	14

This site contains no links.

Subject Issuer	Validity	Valid
transitdata2019.fr E1	`2023-09-22` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
fototrend.hu R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
napiszar.com GTS CA 1P5	`2023-09-19` - `2023-12-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
tunein.com Cloudflare Inc ECC CA-3	`2023-06-26` - `2024-06-25`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
Frame ID: C7D2140F329D26B76E733C407C11C3CD
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Looking for hot hookups tonight in New York?

Page URL History Show full URLs

https://grigny21.transitdata2019.fr/ Page URL
http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

67 %
HTTPS

58 %
IPv6

13
Domains

14
Subdomains

13
IPs

4
Countries

1487 kB
Transfer

1597 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://grigny21.transitdata2019.fr/ Page URL
http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://counter.yadro.ru/hit;hudat3?t39.6;r;s1600*1200*24;uhttps%3A//grigny21.transitdata2019.fr/;hRetkes%20punci%20milf%20punci%20kukkol%E1s;0.86372132732692 HTTP 302
https://counter.yadro.ru/hit;hudat3?q;t39.6;r;s1600*1200*24;uhttps%3A//grigny21.transitdata2019.fr/;hRetkes%20punci%20milf%20punci%20kukkol%E1s;0.86372132732692

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
grigny21.transitdata2019.fr/ 20 KB
7 KB 514ms
296ms Document
text/html 2606:4700:3030::ac43:cc7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 753868af3d88ed7ac40255d0eb782fe78066567bf36375560a409024d501f73a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81a5679abaf2c33e-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 22 Oct 2023 23:08:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jE76IlQIxCOyBF0Vp33mhXuStDhCJYZY%2Fs6h%2Fp4PFP4MHn%2FNZo5%2BMKjJpajPS8z9oHQV%2FKbSYOLMgMms9jx951TtoKMRfdeoI8iJlLpGomac7rJUVOVoEEW93svH2QZnv4ALIyCFOCfWnA5j2uXDOibKCpWSOS%2FBYI0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 372ms
72ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext

Requested by

Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17588b7451571ecd83cdf4c048f717244740bfe920bcc9ccd3b1259ec9511c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Oct 2023 23:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 23:04:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Oct 2023 23:08:52 GMT

GET
H2 200 genericons.css
transitdata2019.fr/wp-content/themes/twentysixteen/genericons/ 28 KB
16 KB 264ms
250ms Stylesheet
text/css 2606:4700:3030::ac43:cc7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://transitdata2019.fr/wp-content/themes/twentysixteen/genericons/genericons.css?ver=3.4.1
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 29 May 2021 17:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6e6a-5c37bb9412000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wBp1JQsNNNo1sn1Kvzqxpn9stFWMmsP5qG8HEaZNfGpbunu%2FhB9APAkf2qOh97qeimZ7j2sFIWg%2FqaD14aJi95Q4pWHfXLF2koFk9mG7Lwh5ZqFLY44goqHRiknGRVeSkxkxgPo63cUHDVcXdgWgLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81a5679cacc9c33e-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
transitdata2019.fr/wp-content/themes/twentysixteen/ 69 KB
14 KB 323ms
308ms Stylesheet
text/css 2606:4700:3030::ac43:cc7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://transitdata2019.fr/wp-content/themes/twentysixteen/style.css?ver=4.9.10
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd61466ca0b78b6fe38127bc598f47a6b4648c3f780e8af7f06e8ad5aaa6573

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 29 May 2021 17:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"112a7-5c37bb9412000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcvNYHJEyKAF1dmvwTx4NrwPIa%2FU0Gglb8vnQHjLMzeIOKGHI3lTY93MTFZ5mRfv1iHwBRCWUM2R9Nvj0Yqk6w4joRMCbc%2BLf3IqC6JpBAs1ktECGEqm%2FCwvb3TEh%2B3Ie%2FTCayCg3nrJGO21fb4dRmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81a5679cace0c33e-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 blocks.css
transitdata2019.fr/wp-content/themes/twentysixteen/css/ 8 KB
2 KB 322ms
307ms Stylesheet
text/css 2606:4700:3030::ac43:cc7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://transitdata2019.fr/wp-content/themes/twentysixteen/css/blocks.css?ver=20181230
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b682eafdbb1105c7e0292965160ed0e2a446a30ac0d49049297f29e8c48a278

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 29 May 2021 17:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"213b-5c37bb9412000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpHvoxqNXxfj%2BizB7kEIwZs7dOYBBLJ%2Bc65oQaOIbFtlYKMj2RXJL1g0Ano9MBp9OonOTOLoBTKZd3Cns6EpD1kJWty9vJSTT1Emk9mls8v2AhDChcYAUUV4%2FTvaCPSAaxVb3Upb0ALxZFwGuo5nZYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81a5679cacdec33e-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 13365_c2d_2.jpg
prohardver.hu/dl/upc/2016-04/ 400 KB
401 KB 854ms
266ms Image
image/jpeg 92.61.114.179
IECHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prohardver.hu/dl/upc/2016-04/13365_c2d_2.jpg
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 92.61.114.179 Budapest, Hungary, ASN44302 (IECHU-AS, HU),
Reverse DNS: r10.prohardver.hu
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:53 GMT
last-modified: Tue, 19 Apr 2016 13:54:07 GMT
server: nginx
etag: "5716387f-641f3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 410099
expires: Tue, 21 Nov 2023 23:08:53 GMT

GET
H2 403 762567dd833d67a5ec6e741365f1f155_origi.jpg
www.napiszar.com/uploads/2012/08/23/ 0
0 363ms
65ms Image
text/html 2606:4700:3034::ac43:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.napiszar.com/uploads/2012/08/23/762567dd833d67a5ec6e741365f1f155_origi.jpg
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 403 d3f6f1d83d10bc87218d1decf6eaa8fe_origi.jpg
www.napiszar.com/uploads/2018/04/12/ 0
0 362ms
64ms Image
text/html 2606:4700:3034::ac43:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.napiszar.com/uploads/2018/04/12/d3f6f1d83d10bc87218d1decf6eaa8fe_origi.jpg
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 avatar_small.jpg
assets.fireside.fm/file/fireside-images/podcasts/images/d/da3f5743-bcf1-44fc-a46d-d6d5587cfe4c/hosts/1/15c6bc05-32b4-49f1-b46a-133ff23a48e8/ 55 KB
56 KB 374ms
76ms Image
image/jpeg 2606:4700::6812:17df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.fireside.fm/file/fireside-images/podcasts/images/d/da3f5743-bcf1-44fc-a46d-d6d5587cfe4c/hosts/1/15c6bc05-32b4-49f1-b46a-133ff23a48e8/avatar_small.jpg?v=2
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb4c97b273ad0760400c069a62e04b73f85f41b2a1cb29afcedbd7a08c57d97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:52 GMT
cf-cache-status: HIT
x-bz-file-id: 4_z227af71b30e5af03668a081e_f114b14700dda079e_d20190131_m171940_c001_v0001008_t0005
age: 70511
x-bz-content-sha1: d75114cc8551c4c3efd75d66a30c31ca2ab5f12a
x-bz-file-name: podcasts/images/d/da3f5743-bcf1-44fc-a46d-d6d5587cfe4c/hosts/1/15c6bc05-32b4-49f1-b46a-133ff23a48e8/avatar_small.jpg
content-length: 56525
x-bz-info-src_last_modified_millis: 1537844006000
x-bz-upload-timestamp: 1548955180000
last-modified: Thu, 31 Jan 2019 17:19:40 GMT
server: cloudflare
etag: d75114cc8551c4c3efd75d66a30c31ca2ab5f12a
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 81a5679e79464367-EWR

GET ruhaszalon.JPG
www.szalagavatoruhaszalon.hu/images/Kepek/tancruha/cigany/ 0
0

GET
H2 403 9f9ea36a00d81e18d34f611ee2c12325_origi.jpg
www.napiszar.com/uploads/2020/10/17/ 0
0 363ms
66ms Image
text/html 2606:4700:3034::ac43:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.napiszar.com/uploads/2020/10/17/9f9ea36a00d81e18d34f611ee2c12325_origi.jpg
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 403 3c54e6bc20483c01845bd08d1b72ece6_origi.jpg
www.napiszar.com/uploads/2012/04/30/ 0
0 365ms
69ms Image
text/html 2606:4700:3034::ac43:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.napiszar.com/uploads/2012/04/30/3c54e6bc20483c01845bd08d1b72ece6_origi.jpg
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 logog.png
cdn-profiles.tunein.com/p1160827/images/ 149 KB
150 KB 580ms
301ms Image
image/png 172.64.153.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-profiles.tunein.com/p1160827/images/logog.png
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e69fee552686c3a187b2b139607f93d1a89407b19d8dd5800b0c54d67a2efa28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:53 GMT
x-amz-version-id: null
cf-cache-status: MISS
x-amz-request-id: 0YPWSDGD14MV6QG8
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-length: 153036
x-amz-id-2: dU0P7SQd+57fVyKeDNfhYksZSjB0wqPqR369SEB7nk6njguCr/bOUKm6+doMhF907j1TYqXqlJM=
last-modified: Thu, 02 Apr 2020 17:40:04 GMT
server: cloudflare
etag: "28a79ae584d80de4f0b603ebcb9e7334"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81a5679e686d32c5-PHL
expires: Mon, 23 Oct 2023 23:08:53 GMT

GET
H2 200 4hBWiMk.jpg
d1hlpam123zqko.cloudfront.net/828/134/464/-449996986-1si1t8f-52ojn2f094qfp00/original/ 85 KB
85 KB 782ms
289ms Image
image/jpeg 108.138.61.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1hlpam123zqko.cloudfront.net/828/134/464/-449996986-1si1t8f-52ojn2f094qfp00/original/4hBWiMk.jpg
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.61.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-61-132.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:54 GMT
x-amz-version-id: null
via: 1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
last-modified: Sun, 15 Feb 2015 20:49:16 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P1
etag: "51b5f7e1787c67560cfcaf173925f3c0"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 87016
x-amz-cf-id: acmOXl5yqHLlGsKmD4P6TeoFvC8vhE15VEYbuD9kiG-MCsrFkUCbqg==
expires: Mon, 01 Jan 2024 00:00:00 GMT

GET
H2 200 1200x1200bb.jpg
is4-ssl.mzstatic.com/image/thumb/Podcasts123/v4/31/ac/66/31ac66bb-b637-b44b-c8ad-e5a805060408/mza_4521882449181298035.jpg/ 176 KB
177 KB 581ms
88ms Image
image/jpeg 2600:1408:c400:382::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Podcasts123/v4/31/ac/66/31ac66bb-b637-b44b-c8ad-e5a805060408/mza_4521882449181298035.jpg/1200x1200bb.jpg

Requested by

Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:382::2a1 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

4.0.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-apple-jingle-correlation-key: N64JW3J2MPRDO4YELYC3WNP4HY
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 22 Oct 2023 23:08:53 GMT
x-b3-traceid: da878172b1dfd722
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE169:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338003:mr47p00it-qujn05120301:7987:23RELEASE169:daiquiri-amp-all-l7shared-int-001-mr
cdnuuid: 6e590393-76b5-4d83-b23f-42866b7403d6-513552291
x-cache: TCP_MISS from a23-218-220-133.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-b3-parentspanid: 4e5d000e12b9f312
b3: 6fb89b6d3a63e23773045e05bb35fc3e-dd0d733938f5dd99
content-length: 179716
apple-tk: false
server: 4.0.0
apple-seq: 0.0
last-modified: Sun, 22 Oct 2023 02:25:24 GMT
x-cache-remote: TCP_MISS from a104-96-220-142.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
etag: "MSwxLjcyLjYtMjNMLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTY5Nzk0MTUyNDUwOSxpc0J1aWxkVmVyc2lvbk5vdFNldCxkOTBiZWU5OCxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 6fb89b6d-3a63-e237-7304-5e05bb35fc3e
x-b3-spanid: dd0d733938f5dd99
cache-control: no-transform, max-age=15977988
timing-allow-origin: *

GET
H2 200 cmewexr.js Show response
grigny21.transitdata2019.fr/ 1004 B
859 B 243ms
242ms Script
application/javascript 2606:4700:3030::ac43:cc7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grigny21.transitdata2019.fr/cmewexr.js?0.5777292702173202&q=cmV0a2VzIHB1bmNp
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 6741500ac0496e8dc1c57caf9ed798d69baf5f4304d60cfa879af13f735d01dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2023 23:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xbav3ajxKjyrZYKADptKuG5Eay4%2F5pPR6jLO1hJq0W8QarupIMXGX6PFOhqxIZ%2FaH8Zh%2BxikJaiXKEJxPQ%2BvHtEUSzYG0o6Dt7d%2BdNntOG0CdlOQm%2Fr0uXndpjDIqUiE1H%2F1xSlLhHdDTNyK4L9kphxTQq13WuGuKQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81a5679eef33c33e-EWR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;hudat3
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;hudat3?t39.6;r;s1600*1200*24;uhttps%3A//grigny21.transitdata2019.fr/;hRetkes%20punci%20milf%20punci%20kukkol%E1s;0.86372132732692
https://counter.yadro.ru/hit;hudat3?q;t39.6;r;s1600*1200*24;uhttps%3A//grigny21.transitdata2019.fr/;hRetkes%20punci%20milf%20punci%20kukkol%E1s;0.86372132732692

130 B
616 B

158ms
152ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;hudat3?q;t39.6;r;s1600*1200*24;uhttps%3A//grigny21.transitdata2019.fr/;hRetkes%20punci%20milf%20punci%20kukkol%E1s;0.86372132732692

Requested by

Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Oct 2023 23:08:53 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 130
Expires: Sat, 22 Oct 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 Oct 2023 23:08:53 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;hudat3?q;t39.6;r;s1600*1200*24;uhttps%3A//grigny21.transitdata2019.fr/;hRetkes%20punci%20milf%20punci%20kukkol%E1s;0.86372132732692
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 22 Oct 2022 21:00:00 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 248ms
88ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grigny21.transitdata2019.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:15:37 GMT
x-content-type-options: nosniff
age: 276796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:15:37 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 271ms
111ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grigny21.transitdata2019.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:17:58 GMT
x-content-type-options: nosniff
age: 276655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:17:58 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 205ms
45ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grigny21.transitdata2019.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:18:04 GMT
x-content-type-options: nosniff
age: 276649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:18:04 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
27 KB 229ms
77ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grigny21.transitdata2019.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:12:54 GMT
x-content-type-options: nosniff
age: 276959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:12:54 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
19 KB 272ms
123ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grigny21.transitdata2019.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 22:47:22 GMT
x-content-type-options: nosniff
age: 433291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18836
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 22:47:22 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
18 KB 266ms
118ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grigny21.transitdata2019.fr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:18:35 GMT
x-content-type-options: nosniff
age: 276618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18416
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:18:35 GMT

GET
H3 404 vfovwfv.gif
grigny21.transitdata2019.fr/ 209 B
209 B 226ms
226ms Image
text/html 2606:4700:3030::ac43:cc7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grigny21.transitdata2019.fr/vfovwfv.gif?ref=&url=https%3A//grigny21.transitdata2019.fr/&scr=1600x1200&q=1698016133&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/118.0.5993.88%20Safari/537.36&0.818939163988261
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:53 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDGK0569BXpsPJMczZamAqBDYMFst46BncXMRgIppb0VaGomUyj8H%2BGEWZX7myBBoWe5%2Fhi%2FJkUea%2BYL37L%2FTnHsDMYCTMYNXYAcAzW4%2FFOyuM5RWSbq0iCSBC5HPDfVBS%2FaoWT3qtdSHt4%2BVPb1st6f%2BSdHa5JvWqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 81a567a0cb8619d3-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 irjbvrr.js
grigny21.transitdata2019.fr/ 523 B
796 B 223ms
222ms XHR
application/javascript 2606:4700:3030::ac43:cc7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grigny21.transitdata2019.fr/irjbvrr.js?get=1&q=1698016133&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/118.0.5993.88%20Safari/537.36&0.11328900685779919
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/cmewexr.js?0.5777292702173202&q=cmV0a2VzIHB1bmNp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://grigny21.transitdata2019.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2023 23:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dU5qlmpcpt5yOOzfil9TuhluqUf8sakEfkIyXwRh6bFEtXcPV9hZoZKq2MuTR44iRGnKDqhnDwlTcbGte1eiOfSTWMde%2BDTFonepRQR%2F%2BgSAJmDK092LAPG404t3D%2FE6%2BTJTJcu%2FtTO7Ac4YwDEmyCdUxCL%2BbUBbqgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81a567a23cd719d3-EWR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK Primary Request / Show response
freebieshere2306.click/ 5 KB
5 KB 410ms
398ms Document
text/html 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
Requested by: Host: grigny21.transitdata2019.fr
URL: https://grigny21.transitdata2019.fr/
Protocol: HTTP/1.1
Server: 185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),
Reverse DNS
Software: nginx /
Resource Hash: 2e723654010576a5fe6aed7b59f9b3b5f5ea1c195db85c43823214b81c5c135c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 4836
Content-Type: text/html
Date: Sun, 22 Oct 2023 23:08:54 GMT
Server: nginx
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ 6 KB
769 B 59ms
56ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|PT+Sans:400,700&display=swap

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82a1da297456db179ef45154fa71e5097292041cfcfc41e358c1e461aa10dfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Oct 2023 23:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 22:57:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Oct 2023 23:08:54 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 214ms
79ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 940
age: 18547483
cdn-cachedat: 07/06/2022 16:35:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c2ac29fefd200cd8a80bd09221b23858
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 81a567a77e4fc323-EWR
cdn-requestpullsuccess: True

GET
H/1.1 200
OK flag-icon.css
freebieshere2306.click/util/flag-icon/css/ 40 KB
40 KB 129ms
126ms Stylesheet
text/css 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/util/flag-icon/css/flag-icon.css

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F5CE3980B10
Connection: keep-alive
Content-Length: 40627
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:36:38 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
ETag: "0a47b937981e7389e3ebe63e4a503066"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676841679#813157920/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK style.css
freebieshere2306.click/media/dating/striptease2/css/ 34 KB
35 KB 310ms
297ms Stylesheet
text/css 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/media/dating/striptease2/css/style.css

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

422ebc24c3866c328141bc66717ea2a36d0368448001fbd3d8ca26da5e354849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17908F8D6CC137C7
Connection: keep-alive
Content-Length: 34768
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:22:51 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:53.56258499Z
ETag: "b86a947287c124c91c04101428babad2"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134506#260015113/gid:0/gname:root/mode:33279/mtime:1655387453#562584990/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK style_shagslags.css
freebieshere2306.click/media/dating/striptease2/css/ 2 KB
2 KB 313ms
300ms Stylesheet
text/css 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/media/dating/striptease2/css/style_shagslags.css

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

d937ca2eecf52bb0616251aab911c9ccae911ea5102edebb89d8ea2568fb51b4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F8D7062C020
Connection: keep-alive
Content-Length: 1725
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:32:18 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:53.566584999Z
ETag: "e7720a532d60a7f83076ff4db679eab3"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676843394#531755109/gid:0/gname:root/mode:33279/mtime:1655387453#566584999/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK js.cookie.js Show response
freebieshere2306.click/cookie/ 4 KB
5 KB 318ms
306ms Script
application/javascript 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/cookie/js.cookie.js

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F5CE1E50B36
Connection: keep-alive
Content-Length: 4264
X-Amz-Id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 03 Apr 2023 12:26:39 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z
ETag: "a7e9883924072f15259de6888d5ef515"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1679394897#900490365/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK utils.js Show response
freebieshere2306.click/util/ 7 KB
8 KB 323ms
311ms Script
application/javascript 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/util/utils.js

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17908F5CDFF2F17B
Connection: keep-alive
Content-Length: 7512
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:26:19 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
ETag: "01816d15ca03032751161a746e2fb7c3"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134513#320037197/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK jquery-3.1.1.min.js Show response
freebieshere2306.click/media/dating/striptease2/js/ 85 KB
86 KB 324ms
312ms Script
application/javascript 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/media/dating/striptease2/js/jquery-3.1.1.min.js

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

fc4982691b4178e9a72866bc354d7f9fba97e26363833be19ef7ed900962cc83

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F8D6E5E1617
Connection: keep-alive
Content-Length: 87411
X-Amz-Id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 03 Apr 2023 12:29:41 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:53.430584687Z
ETag: "e21a794753fcdecf1e4b036860343c3c"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1679349393#791503294/gid:0/gname:root/mode:33279/mtime:1655387453#430584687/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK main.js Show response
freebieshere2306.click/media/dating/striptease2/js/ 8 KB
8 KB 446ms
166ms Script
application/javascript 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/media/dating/striptease2/js/main.js

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

0946fccc72c41412be672ba724cd387a5f9a1be8e61da47de06f0bd111e2e32d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F8D76C5CA3A
Connection: keep-alive
Content-Length: 7795
X-Amz-Id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 03 Apr 2023 12:29:41 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-07-29T09:22:33.677996Z
ETag: "463221f114be5591b5ace8cfa144f1a0"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1679394163#699354885/gid:0/gname:root/mode:33188/mtime:1659086553#677996000/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK bb.js Show response
freebieshere2306.click/media/ 639 B
1 KB 484ms
172ms Script
application/javascript 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/media/bb.js

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F5CF2AFE1D5
Connection: keep-alive
Content-Length: 639
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:29:45 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK exit1.js Show response
freebieshere2306.click/media/exit-new/ 3 KB
4 KB 488ms
170ms Script
application/javascript 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

http://freebieshere2306.click/media/exit-new/exit1.js

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/?u=mhwp605&o=f3t0mvz&t=hudat3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17908F5CF7FB1546
Connection: keep-alive
Content-Length: 3473
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:23:09 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
ETag: "625e5e2950612f771e246beb33c9ea61"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134511#160030446/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 91ms
89ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://freebieshere2306.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:25:36 GMT
x-content-type-options: nosniff
age: 276198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:25:36 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 93ms
92ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://freebieshere2306.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:12:54 GMT
x-content-type-options: nosniff
age: 276960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:12:54 GMT

GET
H/1.1 200
OK us.svg
freebieshere2306.click/util/flag-icon/flags/4x3/ 6 KB
7 KB 174ms
174ms Image
image/svg+xml 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://freebieshere2306.click/util/flag-icon/flags/4x3/us.svg

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/util/flag-icon/css/flag-icon.css

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

7db44305e217e7a44845b47fe090b5f077a1cecf820899c7a6977b26549cdc08

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/util/flag-icon/css/flag-icon.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F5D03560106
Connection: keep-alive
Content-Length: 6215
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:36:41 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:50.70409Z
ETag: "2b327bda75ccb4c9c3cd7ea61c4fed82"
Vary: Origin, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676841679#853157980/gid:0/gname:root/mode:33188/mtime:1655386310#704090000/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H/1.1 200
OK 2018_15_105_background1.jpg
freebieshere2306.click/media/dating/striptease2/images/ 87 KB
88 KB 173ms
173ms Image
image/jpeg 185.155.184.225
AS5398

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://freebieshere2306.click/media/dating/striptease2/images/2018_15_105_background1.jpg

Requested by

Host: freebieshere2306.click
URL: http://freebieshere2306.click/media/dating/striptease2/css/style.css

Protocol

HTTP/1.1

Server

185.155.184.225 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

6a75db58530645b3c6d8e1a7fde5f2ae33d9866811ac335680501ed1ec17a364

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://freebieshere2306.click/media/dating/striptease2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 23:08:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17908F8DAC7B002E
Connection: keep-alive
Content-Length: 89456
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:32:18 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:53.486584815Z
ETag: "324b25b5bf7d9c5e413b4e766ae09e85"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676843394#535755114/gid:0/gname:root/mode:33279/mtime:1655387453#486584815/uid:0/uname:root
Expires: Mon, 21 Oct 2024 23:08:54 GMT

GET
H2 200 BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 50 KB
50 KB 82ms
81ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://freebieshere2306.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:28:10 GMT
x-content-type-options: nosniff
age: 276044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51384
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:10:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:28:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.szalagavatoruhaszalon.hu
URL: https://www.szalagavatoruhaszalon.hu/images/Kepek/tancruha/cigany/ruhaszalon.JPG

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tunein.com/	1970-01-20 15:40:17	Name: __cf_bm Value: q9BfQY1iAKYfpv3wb.X8yqkNlCMy7bR2cPBCb8MBYck-1698016133-0-AZnifY9BgekWXs/8qxQC04K30i+L1xEtBMrGUzMcFEnB7NumocMIeN/tqAcEufG0eksOcmXOAS8w0XyRoCtJjfs=
.yadro.ru/	1970-01-21 00:25:44	Name: FTID Value: 1bDQk50OSP8f1bDQk5001Iab
.yadro.ru/	1970-01-21 00:25:44	Name: VID Value: 115H4R0ky3Of1bDQk50019xp
freebieshere2306.click/	1969-12-31 23:59:59	Name: sid Value: t3~v3qnrkhe1hsdzge1yxbj4kfv

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://grigny21.transitdata2019.fr/ Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://prohardver.hu/dl/upc/2016-04/13365_c2d_2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/ Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2012/08/23/762567dd833d67a5ec6e741365f1f155_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/ Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2018/04/12/d3f6f1d83d10bc87218d1decf6eaa8fe_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/ Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.szalagavatoruhaszalon.hu/images/Kepek/tancruha/cigany/ruhaszalon.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/ Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2020/10/17/9f9ea36a00d81e18d34f611ee2c12325_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/ Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2012/04/30/3c54e6bc20483c01845bd08d1b72ece6_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/ Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://cdn-profiles.tunein.com/p1160827/images/logog.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.napiszar.com/uploads/2018/04/12/d3f6f1d83d10bc87218d1decf6eaa8fe_origi.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.napiszar.com/uploads/2012/08/23/762567dd833d67a5ec6e741365f1f155_origi.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.napiszar.com/uploads/2020/10/17/9f9ea36a00d81e18d34f611ee2c12325_origi.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.napiszar.com/uploads/2012/04/30/3c54e6bc20483c01845bd08d1b72ece6_origi.jpg Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://grigny21.transitdata2019.fr/(Line 413) Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://prohardver.hu/dl/upc/2016-04/13365_c2d_2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/(Line 413) Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2012/08/23/762567dd833d67a5ec6e741365f1f155_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/(Line 413) Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2018/04/12/d3f6f1d83d10bc87218d1decf6eaa8fe_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/(Line 413) Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.szalagavatoruhaszalon.hu/images/Kepek/tancruha/cigany/ruhaszalon.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/(Line 413) Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2020/10/17/9f9ea36a00d81e18d34f611ee2c12325_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/(Line 413) Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://www.napiszar.com/uploads/2012/04/30/3c54e6bc20483c01845bd08d1b72ece6_origi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grigny21.transitdata2019.fr/(Line 413) Message: Mixed Content: The page at 'https://grigny21.transitdata2019.fr/' was loaded over HTTPS, but requested an insecure element 'http://cdn-profiles.tunein.com/p1160827/images/logog.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://grigny21.transitdata2019.fr/vfovwfv.gif?ref=&url=https%3A//grigny21.transitdata2019.fr/&scr=1600x1200&q=1698016133&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/118.0.5993.88%20Safari/537.36&0.818939163988261 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.fireside.fm
cdn-profiles.tunein.com
counter.yadro.ru
d1hlpam123zqko.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freebieshere2306.click
grigny21.transitdata2019.fr
is4-ssl.mzstatic.com
maxcdn.bootstrapcdn.com
prohardver.hu
transitdata2019.fr
www.napiszar.com
www.szalagavatoruhaszalon.hu
www.szalagavatoruhaszalon.hu
108.138.61.132
172.64.153.101
185.155.184.225
2600:1408:c400:382::2a1
2606:4700:3030::ac43:cc7c
2606:4700:3034::ac43:c249
2606:4700::6812:17df
2606:4700::6812:bcf
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1b::5e
88.212.201.198
92.61.114.179
0946fccc72c41412be672ba724cd387a5f9a1be8e61da47de06f0bd111e2e32d
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
17588b7451571ecd83cdf4c048f717244740bfe920bcc9ccd3b1259ec9511c0c
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2b682eafdbb1105c7e0292965160ed0e2a446a30ac0d49049297f29e8c48a278
2e723654010576a5fe6aed7b59f9b3b5f5ea1c195db85c43823214b81c5c135c
422ebc24c3866c328141bc66717ea2a36d0368448001fbd3d8ca26da5e354849
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
6741500ac0496e8dc1c57caf9ed798d69baf5f4304d60cfa879af13f735d01dc
6a75db58530645b3c6d8e1a7fde5f2ae33d9866811ac335680501ed1ec17a364
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
753868af3d88ed7ac40255d0eb782fe78066567bf36375560a409024d501f73a
7db44305e217e7a44845b47fe090b5f077a1cecf820899c7a6977b26549cdc08
82a1da297456db179ef45154fa71e5097292041cfcfc41e358c1e461aa10dfed
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdd61466ca0b78b6fe38127bc598f47a6b4648c3f780e8af7f06e8ad5aaa6573
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
d937ca2eecf52bb0616251aab911c9ccae911ea5102edebb89d8ea2568fb51b4
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69fee552686c3a187b2b139607f93d1a89407b19d8dd5800b0c54d67a2efa28
fc4982691b4178e9a72866bc354d7f9fba97e26363833be19ef7ed900962cc83
fcb4c97b273ad0760400c069a62e04b73f85f41b2a1cb29afcedbd7a08c57d97

freebieshere2306.click Open in urlscan Pro 185.155.184.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

67 %HTTPS

58 %IPv6

13 Domains

14 Subdomains

13 IPs

4 Countries

1487 kBTransfer

1597 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freebieshere2306.click Open in urlscan Pro
185.155.184.225 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

67 %
HTTPS

58 %
IPv6

13
Domains

14
Subdomains

13
IPs

4
Countries

1487 kB
Transfer

1597 kB
Size

4
Cookies

42 HTTP transactions
1 data transactions