cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cqty1.bhuefbfrvbn.workers.dev/
Submission: On July 08 via api (July 8th 2024, 1:55:54 pm UTC) from US — Scanned from NL

Summary HTTP 206 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 18 domains to perform 206 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cqty1.bhuefbfrvbn.workers.dev.
TLS certificate: Issued by WE1 on June 20th 2024. Valid for: 3 months.

This is the only time cqty1.bhuefbfrvbn.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
86	172.67.216.21 172.67.216.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.36 65.9.95.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
60	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:e800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	3.69.40.101 3.69.40.101	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3033::6815:4e37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
12	102.130.121.238 102.130.121.238	328364 (Host-Afri...) (Host-Africa-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
206	27

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cqty1.bhuefbfrvbn.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

86 172.67.216.21 (United States)

ASN13335 (CLOUDFLARENET, US)

dctboyojy.578333.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-36.prg50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:e800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.40.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-40-101.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:4e37 (United States)

ASN13335 (CLOUDFLARENET, US)

highburyads.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 102.130.121.238 (South Africa)

ASN328364 (Host-Africa-AS, ZA)

image.blob.ix.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	578333.xyz dctboyojy.578333.xyz	1018 KB
70	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 211	2 MB
12	ix.co.za image.blob.ix.co.za	3 MB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 279 stats.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	177 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1193	237 KB
3	google.nl www.google.nl — Cisco Umbrella Rank: 9102	581 B
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3576 www.google.com — Cisco Umbrella Rank: 10	87 B
3	gstatic.com fonts.gstatic.com	47 KB
3	highburyads.co.za highburyads.co.za	212 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	277 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5578 buttons-config.sharethis.com — Cisco Umbrella Rank: 6319 l.sharethis.com — Cisco Umbrella Rank: 6190	48 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 528	431 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	2 KB
2	workers.dev cqty1.bhuefbfrvbn.workers.dev	25 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 177	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1204	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 346	31 KB
206	18

	Domain	Requested by
86	dctboyojy.578333.xyz	cqty1.bhuefbfrvbn.workers.dev dctboyojy.578333.xyz
60	pagead2.googlesyndication.com	cqty1.bhuefbfrvbn.workers.dev pagead2.googlesyndication.com securepubads.g.doubleclick.net
12	image.blob.ix.co.za	cqty1.bhuefbfrvbn.workers.dev
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	cdn.taboola.com	cqty1.bhuefbfrvbn.workers.dev cdn.taboola.com
3	www.google.nl	cqty1.bhuefbfrvbn.workers.dev
3	fonts.gstatic.com	fonts.googleapis.com
3	highburyads.co.za	cqty1.bhuefbfrvbn.workers.dev
3	www.googletagmanager.com	cqty1.bhuefbfrvbn.workers.dev www.googletagmanager.com
3	securepubads.g.doubleclick.net	cqty1.bhuefbfrvbn.workers.dev securepubads.g.doubleclick.net
2	www.google.com	1 redirects cqty1.bhuefbfrvbn.workers.dev
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	gum.criteo.com	cdn.taboola.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	cqty1.bhuefbfrvbn.workers.dev
2	cqty1.bhuefbfrvbn.workers.dev	cqty1.bhuefbfrvbn.workers.dev
1	googleads.g.doubleclick.net	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	static.cloudflareinsights.com	cqty1.bhuefbfrvbn.workers.dev
1	www.googletagservices.com	cqty1.bhuefbfrvbn.workers.dev
1	platform-api.sharethis.com	cqty1.bhuefbfrvbn.workers.dev
206	25

This site contains links to these domains. Also see Links.

Domain
dctboyojy.578333.xyz
www.joburgetc.com
www.capetownetc.com
www.africaninsider.com
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com
wordpress.org
highburyads.co.za

Subject Issuer	Validity	Valid
bhuefbfrvbn.workers.dev WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
578333.xyz GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
highburyads.co.za WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
image.blob.ix.co.za R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.google.nl WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://cqty1.bhuefbfrvbn.workers.dev/
Frame ID: 665693E9C371CE0C99AA2B3448498841
Requests: 140 HTTP requests in this frame

Frame: https://c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8BC329CD638613D824BDA0A2C23BFC5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: C169B089EEB600F9D54AD3C8E858F502
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: CAD19B7A5C0D5264296B84065396C25F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720446945&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_8~30_19&aiixl=27_3~30_6&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720446945014&bpp=5&bdt=1549&idt=487&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5730938282287&frm=20&pv=2&ga_vid=505424223.1720446945&ga_sid=1720446945&ga_hid=677306968&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42532523%2C44798934%2C95331695%2C95334508%2C95334527%2C95334564%2C95335887%2C95337026%2C31084927%2C95335246%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3700418703506396&tmod=1212430100&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=503
Frame ID: E5F8C03E814EBF94AC0B8EF3C92DD5C3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssmjnclnraz79Y7ErhGB1MKmC5AjkawLsCoYaeoAuKmmdUm63Dj7T63Sn8Zwjkxmm2ivP87gYygmL5cD-WRYlds3nsZMYyEvB8CauqlwQF3Mp6KNSgQAd7ReVW_k-RIVMOP1nfBupgqMZ6NpWAuj75FpQr2a4cOZGHI7wve90_lZ1tETG2Jm7WZ6dpacVl--gO7RgVOYmer7UlrEFp97AI19CarAGGrSDRr5SqQTeX37MJJDA-jDAHDSCNOqZS3AYZCZMXgAXwxCQ4EzZ1h_EUCS1adWqorFbuYTxdEruOlPXXKkkvcNiqCQCkvs3xmoP3SENgCe4YoFwmqILKO4u9nHXhd-YgW_uIhr9KJHo19Zr-fcn_lasE&sig=Cg0ArKJSzMVMzVulnVJzEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7DDE7945DAB8892311C14C15129EA13B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu4sL0PvW2YYMC4Yh2UoDax1Jj1W0E30_cpj05M-ml5V9wtrzWT4rAEgIesWU0wL-9wJ3gXP1l4gTDNFQaX8cOBC1UPO1zKmKwI27ovR1mDqx7TU76oWEt4Xa5aiEEXMQn-uIPEg6N0mYsXv2i9698QjxEKBFjnTV9iiW9Z_W4IpuQub7WPDMyFjkReqT1vo1uJgjqfmerunwolSeMjpdei47bsTaqIDE0HkQrTHo45pgE3JFy0z2xg8-JWniwPMStr1oKxL_ynvqJuKH1QzUoU6tQIdEwVr2UdT1GfSvfOeaJwmYtLBJdZVvoPvBKF7PZg9CDoa-f7VfjhDJ_lQ4i0h2chsNQuyhFwsi1NUO897N77ktlBLX4&sig=Cg0ArKJSzCKE0B3B9EMKEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 89A833492A51E9835E222D50B060BCB5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssX1nY5FY3A0LyXTWd4YzlZdqZ-8UPwcFCRXK8Wl0D2_oxgajQEP46wDoluNz5DRD9JWyWIaT1gjC3vtxd95u3AZ106bvTNL93v-rovf34Hkz_9wU5qTp6AnENIzeCusuny5Qio2VS8pX8tHj4r-6zc6US_AK5mITSRtKI0SVbWtV4nQSSg80Oehl-jBKGgmpHL_eUVoYZWQlxak-u0zXSyWCizlfewyGWO1lRdodHt2HIii9uC06-DRmMeWzyXbN4IpX6iAaup27uMBe8uPRx0ivH2qvJQgIxt3y_e8PrwfdOB5nbzSHZ0rfTceQoKfCgtygT915W7zH-baBJ2asEDYONd7OTa8ACFo5qDr0pvwovqXD8D1Ooi&sig=Cg0ArKJSzCq4vOEYhnnOEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7E646BDB418A4DCD5B6AAD171B5443F1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssx7e7Rrd6Q3DCderJBzcR1TqjU1NdXxOrDCOdf31nolEO10oD0g20Awck6f6skLWNUyJqaDurOppVxbvEuwpDJUVD0YKfrl1tTYZhbLnpRwv5vxDh9TK1WtuobQuhzoBVcg6PE_NavJxIuGES6njfHO0j83tW-EwtmjmfZAME0rDy8aNX7sLMV4aNWZM_eI0hfOv9yNeG9H-xqPLLGKK9-fhWbFBGX0sBO8PaUyJTjkv2HiW1FKz3g5uQ8WJC-WKP-4cVOiDtancoAkMODu_Jm1W0tjyql4n2KdUFiISKewBXpQLP4OUU-8gz72T_RmeEK6nJM29-zEWtTViuUtfLtY_vwrUzHRwIMC0beYN3gJbkFLzUVUw0&sig=Cg0ArKJSzAmpUdfVHyuuEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 108DF3DBF8638561B05B22A438FDAF07
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv8RlwADiFvE5UmCDDd6WZViOMIcWtMB9BdYjQfr9dFNXZDC9l0AY4StvBAYjAHLzBK2UvLm_SoYl9y9DiUFUMNmw822IRPCWKKXlJGqdwdlDuajeKa61zvb24J1m9taQs6z6syIFBgPhlXZH8_4v4J1C33cKjV1q3IXSKYjLIUppCFtC3D6caamldlPm4_rfHNqQZrcCTLewf70R5eXaNk63RYiUa8V5AW1HcDZUveFjKdnVIYj07Q8txkuIZJAHvII608fWw1mJHb45Bx4yvMPjM_B8xjS-l2e1sdRu2zyGhRH6ZY__Saex2OMkfSS20K2RN6N3agGdbCtUvF2-PuAd8ozc-Ocupg8j6ntnDl-ywd37D_ZI4&sig=Cg0ArKJSzHGMtvy-5ZffEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 179162781D255BC4A82BB7D903FFC8EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstOEcN6Ok6pb3EZrQ_8FASv3lw9Mop7Mh5yvwWYV6mgnGydQo6zmFBctTmkBdicN47fIHwZq3_FRnJ0-47q07g-HeCPxS3rEfWe2G3jcEw8IasTnIT4lyus0p6fTRQCTWSYWjOihRLVK2LQHDwyv4-7oPfR_-d_3XQHfroNX3BfGH7R5K8kTrw8L_H_tBOMquHyzIPQjehPAuS0jneLXbKaDwRvgnjyJLiHpLysoDJBa-tlnQnxpwsWNlLt0QmKp4un476vyY_sQAcHU8zpnN1yjgFjvPlZBfU6FrX6rWyEfEpfUgbSZCPnFVehHIj09E-6RyQU9CuX-IxyUvjiq8da4iA65qTA-JkVlYZxZvieNJASvDE47Kk&sig=Cg0ArKJSzMNQd_YWKKXjEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: EEB462746FBCE1D41199A7B70691227E
Requests: 8 HTTP requests in this frame

Frame: https://c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1AABEB9FC4F0ECC4C6EF7354885F5220
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuWv8MYGMPz7_4pfSf_n2ffXwSvlGpNAyE8d0IcBehJxEuIYmMLywUQ8XPy1pCl7VleHGJYRoWEPCVCF3ImXAXENkRZ_c3tV8YcuczEiTKqEEGodJpu9b6rt2sL8HD2n30cA6-YUD_NoEbNMs6ulNusSvyPz73kgIF0GO9iX21QT4MdOAh5-kywlQefYaLOhk3cWBdEYnxuXfxYqvWFVpt5rBKcjHW826JzGwcLLeWysLSgn29GT5h1lM1gy550cnxg6RD6uTfSf64leLiVLvWkcUWNFFwvbHB8VdAEmEFMqyopSh4zbnZRdOlPCUs4YU0j4wAJtVIMgNNlMIXtr0KdD3yaJr1dQmaixyavm_GFmTr0EU3PLhjM&sig=Cg0ArKJSzG0X5RSKE-jGEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 25E4F987E57A2A08E1AE12C01E41C304
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstWNFGRZnfxcW_t3qpBDjQcdSeSrQLQV7_lMkuPY7fncJfEopP7Zo45i18R1jsCLw4HaF78r_0v1epFR2X-J3rYElheGW_0z1p5rWmiUlaEMyuGYluKviuUig0paMfWQbVaNllvLlX_CKYEX5Y2J7DTelnjV3RoJfV_LfkUoAm_bS7YzdxJL1V8gJPQzJ1MLm2BJogTEKh6QSiy_aOfq920dze9MtbjzUrYTsUj6SctSqc4EqHBInLtLJNBog39PIVVw4LkjrmW68nEY4WWrOQ3PkP0QT0CzDLQoL1w7qnEvBPdro5fUYXuIJMVSljchav5o9_yga5Cc7laql01pTtKxRIbJS6BuztQ_J_tDPIGGB3NhvKijQ-8&sig=Cg0ArKJSzEO-_NL0cvsMEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 1B55F79F69B0BE2BFC278A370490982C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Car News, Car Videos, Car Reviews, Car Road Tests, Car Industry News, Car Rumours, and much more | CAR Magazine

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

206
Requests

99 %
HTTPS

52 %
IPv6

18
Domains

25
Subdomains

27
IPs

6
Countries

7231 kB
Transfer

15423 kB
Size

7
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: https://dctboyojy.578333.xyz/

Search URL Search Domain Scan URL

URL: https://www.joburgetc.com/news/
Title: News in Johannesburg

Search URL Search Domain Scan URL

URL: https://www.capetownetc.com/
Title: News in Cape Town

Search URL Search Domain Scan URL

URL: https://www.africaninsider.com/
Title: News in Africa

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/bakkies-for-sale/
Title: Bakkies For Sale

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/elite-cars/
Title: Elite Cars

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/tesla-south-africa/
Title: Tesla

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/bikes-for-sale/
Title: Bikes For Sale

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-valuation-report/
Title: Car Valuation

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-insurance/
Title: Finance Calculator

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/natis-online-booking/
Title: Natis Online Booking

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-dealer/
Title: Car Dealer

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/dashcams/
Title: Dashcams

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-price-guide/
Title: Price Guide

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/arctic-trucks-turns-land-rover-defender-110-into-widebody-beast/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/new-models/the-koenigsegg-chimera-is-a-bespoke-mt-hypercar-for-the-fia-president/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/buying-used-cars/buying-used-renault-scenic-ii-2004-2009/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/best-selling-chinese-bakkies-june-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/demo-2024-renault-kwid-kwazulu-natal-hillcrest/7138938/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/demo-2023-renault-kwid-kwazulu-natal-hillcrest/7138937/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/demo-2024-renault-kiger-kwazulu-natal-hillcrest/7138936/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/demo-2024-renault-kiger-kwazulu-natal-hillcrest/7138935/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2022-volkswagen-t-cross-kwazulu-natal-hillcrest/7138944/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2021-toyota-corolla-quest-kwazulu-natal-hillcrest/7138943/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2022-toyota-corolla-cross-kwazulu-natal-hillcrest/7138942/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2024-renault-triber-express-kwazulu-natal-hillcrest/7138941/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/demo-2022-renault-triber-express-kwazulu-natal-hillcrest/7138940/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/demo-2024-renault-kwid-kwazulu-natal-hillcrest/7138939/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/all-of-the-car-magazine-top-12-best-buys-for-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-opel-corsa-gs-line/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/fuel-consumption-test-volkswagen-polo-gti/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/ineos-grenadier-3-0td-trialmaster-edition/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-mini-countryman-s-all4/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-hyundai-i20-1-0t-n-line-dct/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-hilux-raider-2-8-gd-6-48v/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-ford-transit-custom/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-haval-jolion-pro-1-5t-s-ultra-lux-7dct/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/kia-sonet-1-0t-ex-dct-review/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/review-mercedes-benz-e220d/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/have-a-look-inside-the-chinese-facility-where-ford-manufactures-the-territory/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/zwartkops-rebound-round-3-2024-gr-cup-ep-4/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/drag-race-mercedes-amg-c63-e-performance-vs-v8-c63/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/suv-shootout-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/sheldon-van-der-linde-crashes-out-of-contention-for-24h-nurburgring/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-range-rover-evoque-p300-dynamic-hse/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-land-cruiser-76-2-8-gd-6-station-wagon-lx/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-bmw-520d-m-sport/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-mazda-cx-60-3-3-takumi/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-hilux-gr-sport-iii/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-porsche-panamera-4-e-hybrid/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/living-with-it-volkswagen-polo-life-1-0-tsi-mt-introduction/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-ldv-t60-max-luxe/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-jac-t9-4x4-super-lux/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/living-with-it-suzuki-xl6-1-5-glx-update-2/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CARSouthAfrica

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CARmagazineSA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carmagazineSA/

Search URL Search Domain Scan URL

URL: https://twitter.com/CARmagSA

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/advertise-with-us/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/competition-rules-2/
Title: Competition Rules

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/privacy-policy/#cookies
Title: We use cookies

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://highburyads.co.za/www/delivery/ck.php?oaparams=2__bannerid=6127__zoneid=1599__cb=df7a010898__oadest=https%3A%2F%2Fwoobox.com%2F4tmhg4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=1945906829.1720446945&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIt-SXqMyXhwMVrBaiAx2oHgmoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv HTTP 302
https://www.google.com/pagead/1p-conversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=1945906829.1720446945&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIt-SXqMyXhwMVrBaiAx2oHgmoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLyGYJU1nLRacU4bnr9KhNbaAbNo-NzQ&random=339109625 HTTP 302
https://www.google.nl/pagead/1p-conversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=1945906829.1720446945&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIt-SXqMyXhwMVrBaiAx2oHgmoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLyGYJU1nLRacU4bnr9KhNbaAbNo-NzQ&random=339109625&ipr=y

206 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
cqty1.bhuefbfrvbn.workers.dev/ 154 KB
23 KB 3619ms
1442ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9642e72ab2d4621ecd3ebdfbc35330a9dfbd7356fd5343b022d3ce1c4d30783c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a0092cba85606c0-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jul 2024 13:55:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.carmag.co.za/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ey%2B1gU9vZ%2B4LAsjfvj9bSu8zVi6uugmQkD2S2VEmbHYJ%2FkZ5p3uPGjUWhABpY2OoZ%2FrlW3wghkvDACsQ7H0nK3sI3MIPrdBE7mUde37DhOID7rBYCyCVio6YwyAcugIE5Y50"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 style.min.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/ 208 KB
38 KB 1110ms
1034ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/style.min.css?ver=xxx
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69f5786e5a533373cb05708984f7a43045904d333bcbb50fb754659eaeddef4

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 08:32:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667bd214-33e78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWdyonW%2FjGgbpfRb9VWuJ7xBRyOkkBzJO1m7%2Fb3PxLLqSD3Ou7KRWrReXsTL3ZGGEnvLJQROaIvrPNpY6QAghPujt9BmUAi3mV%2Bn3p8MFBaO9t4Vz80wVGM8m3F%2BCqw%2BwlBB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394b66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cfs-advanced-search.css
dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/ 15 KB
3 KB 987ms
911ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.css?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a700630a179fb4e70f040a3dcb2334833dce7788f25a09f64542557615d41e

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Apr 2024 09:56:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf9da-3b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jx8NC6wJF3XKxlx9wnK3Hs8KC91Q8uCF%2B87TKdYnfw%2Fl3WEeJiSlKjX6wkcXqacaIgj9L3wXH2bkh415oTfzkh4x%2FThwSIg%2FlukyJQaWbfjNqqSpTNW0rVgtcs2SStMVY7CF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394e66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom-widgets.css
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/ 50 KB
8 KB 1208ms
1131ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/custom-widgets.css?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 11:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6554adad-c8cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qB7Dk8sh8UaWMhj33lqNtoX1Moy%2FGPmQjyUuZfnd0Gn6MiArAHtHPcLrrnGkcfTh%2Fj3LW0%2F69LrIof8Mefv1JomkyT9Q6SCMTo7nJOERVHzpIloBR6rEYG%2BLJHqfsnBGtDLN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5395566c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 swiper.min.css
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/ 13 KB
4 KB 977ms
901ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/swiper.min.css?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe42-356e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwCrKZ4rxgSymInd6EVfOABuCILDQtjOD9Bg5RDYE252xR02609nNXQoQCFXBr0Q2%2FbkE0xANROeZXuvxCTG1TIGiDj96xnJw148EyZidKu6FRMK03kKvqcDtAnRDcdty81h"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5395066c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cars-for-sale.css
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/css/ 94 KB
17 KB 968ms
892ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/css/cars-for-sale.css?ver=312
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=125033
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 08:30:48 GMT
server: cloudflare
etag: W/"6555d338-1e869"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjSRBNxw0Zxd%2FpD78EgEy0Y297EEwKj8SawEU%2FSIgSgwnn7Ra5bB1rWk6HdWCQ2EPOhFO%2BWfZWSv8mWAT7QQzsifPWHP3jRgeISWgXLIpGFg56G6fAQsW2nHN3dVlmqdFOQ0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5395366c4-AMS

GET
H3 200 google-fonts.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/fonts/ 5 KB
934 B 582ms
506ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/fonts/google-fonts.css?ver=1.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6670
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:49 GMT
server: cloudflare
etag: W/"6375fed1-1a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuYqGnCbpxqA%2FC061RLg9e8H9bW8b6bCERbJ71a5uP%2FK69WkXsAvpVaD3dM%2BvRZUygUcpyUvQO8qrVq42y1xS6Q9CElXA8O%2Fsn42VScj92vUB%2B3kHUvz%2FKaq2XSYLdToniRv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394a66c4-AMS

GET
H3 200 font-awesome.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/ 30 KB
7 KB 767ms
692ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=37414
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:31:48 GMT
server: cloudflare
etag: W/"6375ff84-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RoLE6C%2B99sCBYoYJaXU%2BkeJjtU6ndh%2B5ATnr9yMM2H2tP9sswHd0vhQV90QtBYTPSOds1MIT01o2yYwx1LCoks%2BKPYRYVCiA4TSMwWd9trPrmVtrBhZUlQ3bW89llZIl%2BHOV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394266c4-AMS

GET
H3 200 jquery.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/jquery/ 86 KB
31 KB 946ms
871ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f402-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FxASrqUX2FUscT%2BzzgKJ2C90Tzb5noqMa15tx0aLh%2FRK9Z4op1r3dk%2FLwFz2QlNNR1LBvsKmxbRuREtSdWPPhn8qEdKbjQ9WAHcc6yMrlqd0B1bsHBhzgTOxzLPl7a5bYVAH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394866c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/jquery/ 13 KB
5 KB 718ms
643ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f402-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pedsNyQygDsDOrCEH880nMKHjK3rGj3mX319frbyHmu1P5e4IYYgIq4fSVUAaH7w6mhTz%2B8cZM4m5z4VAQlFoWo%2FitRFenwzFYeHRaYgS%2B8GgsGI0gQMrhWjLhWCHyojH9al"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394766c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.menufication.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/menufication/js/ 13 KB
4 KB 702ms
627ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/js/jquery.menufication.min.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe7a-3265"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLycfoo%2Fy3HPqfbfQDbeUImPg8V03WWOF4x6oCosHmGZNsQGtRLVu4Xdvks2JN61gWxjCMuvfPySO%2FujqkuLvxz5hBrdBgKYyHqED4SvXLk%2F4yOGfjpWBYv0266WF4acRd8R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394566c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 menufication-setup.js Show response
dctboyojy.578333.xyz/wp-content/plugins/menufication/js/ 2 KB
1 KB 571ms
497ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/js/menufication-setup.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3588
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
server: cloudflare
etag: W/"6375fe7a-e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWN4BxtkSrxfYn2jPXA6Nqby9m9qgmq8ltmMv5jBBuuMjOf1N09laEVUYd54V2eU1Pv1XIwN6pnUkAx6rYb6VJGmPdK%2F99kZkhjAf2hW16hLRizX35zWBgDydDWGHEf6ucTX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092d5394066c4-AMS

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 121ms
45ms Script
text/javascript 65.9.95.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-36.prg50.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:43 GMT
content-encoding: gzip
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 343
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: 2y4yna9voenSDXoz4FloIdRg-iQ2OMN6yKPqFllSx21OuixJTHEe6Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
31 KB 182ms
89ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

112748ae973bead369b416cd0ba70c9aced54c043c4be5b43401e998426580b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31314
x-xss-protection: 0
server: cafe
etag: 305 / 19912 / m202407020101 / config-hash: 18195161965586865016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 13:55:44 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
31 KB 142ms
92ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1e3fa10dc820a119caefb5ee3860acce7f3c2cdf78cb80b73fca89094abb24c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31314
x-xss-protection: 0
server: cafe
etag: 365 / 19912 / m202407020101 / config-hash: 18195161965586865016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 13:55:44 GMT

GET
H3 200 style.min.css
dctboyojy.578333.xyz/wp-includes/css/dist/block-library/ 111 KB
15 KB 1039ms
1034ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f40f-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aG6m4AcZtUm%2B5UC6ef%2BmrpkgB0ud70ACGEoM7x9PV8EwrpwFjQTbto%2FaNtLdHhF3AdH23%2BDSecaOwknAwttDkzcKJz0BK6R89dnwk9iyvSTBV0PRjPmGx6SJYUa6pZyPmK30"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bed66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 drivers-test.css
dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/ 2 KB
950 B 941ms
936ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/drivers-test.css?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 10:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65291b1b-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1qipHHcjJrgog%2FPhfdgoT2OHhLJ7Q7r8CvIEWwerfVfp%2BF4%2BhICjwMmixgWeH66TL4t0VUD4dKofdiEjsN4PZ8RR4%2BpxGl3bYvlASCWP%2BMWL6jr6h2ZWECDpybI%2FcbqsGur"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bee66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 mu-style.css
dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/ 0
470 B 562ms
557ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1668677260
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=26
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:40 GMT
server: cloudflare
etag: W/"6375fe8c-1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sj4yWszNG4mRFS0vfOpcZQFntjBPSldefwhYxQe0YsGuGvRk%2BxDcyoj0lEgKoUumGEAplaR78UqRQ0htB9v0VJzQ3J7tR4A4j3uGlMlAo7y9n8GdVO28Av03kKqpHcedOvuw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bef66c4-AMS

GET
H3 200 article-view-slick.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 1 KB
906 B 575ms
570ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1776
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvjGmJQERJtKW%2B4cY6fMe%2FWSrylnKijBBxz%2BfyUEVB3c6IBP2UqG6XawY%2B5qtfODZYT7%2BzngvvJS3WNQuQYkeTKzrgvZbp072jtBbWrPkaJZAMWzexZnEZM30RFxFyvOCHU0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bf166c4-AMS

GET
H3 200 article-view-slick-theme.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 2 KB
1 KB 561ms
556ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick-theme.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3145
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoykYqPHm97eV%2BF7HlOC50Jl20XNDpx%2BmManqlINUUp4VgGjtcP%2FS3l%2FaFBRBevvf94yqfE3FvbMzuURVK6fO2QcqlTtlLVm73C7wL26UXKdTps7NaERP7BfI9zfYoBLWpX4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bf266c4-AMS

GET
H3 200 magnific-gallery-styles.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 6 KB
2 KB 587ms
582ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/magnific-gallery-styles.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7437
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-1d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvgVIlaKOYCcFpQ9nZVXC8ZHYulUc4s5MelRb2%2FbjiL6p7IiOo9poW9kWOKYgblbdRrzF040lnzKe0s6b%2FDTTUORidRUF2w%2FrjNr14OwHjQzIQyH2HNk2As9yvfO9T0Uj7o6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bf566c4-AMS

GET
H3 200 styles.min.css
dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/ 1 KB
895 B 564ms
560ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/styles.min.css?ver=2.2.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b0f6dee1e2b4b439e62daffe536db30431a1ca3d0628aa134b6ed7d689b91b

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 11:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665ef7ac-4f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CJtieWb0U9KjBSDyCGkBWGwl2Hr%2FIGNkJ38ywNJ1YJQtIDnxdSiglpmSUvCF5ikRVZ1C9YYfasr4mmhBYbvAyhpkJUzIc%2Fb9G5pisNgpuxxUXGz0nEhstHgUDBtzR33psrE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bf666c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 menufication.min.css
dctboyojy.578333.xyz/wp-content/plugins/menufication/css/ 29 KB
4 KB 754ms
750ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/css/menufication.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe7a-723c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDPVMYHF%2BZ90ZLTSK9J%2Fkt9ecj2%2FiHqW%2B3TB0lshdSWoBUaXvI0gBHLTfhLz3eY%2FJWRscD%2Be6EEpoSv8%2BiVXv%2BFiiHGT%2BCcB8ycSF2KVkvu6UCTHwv71P4osL4b0H6zvYlWw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bf866c4-AMS
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 7ba9526a-7832-40a5-a6af-e66a9cce621f
https://cqty1.bhuefbfrvbn.workers.dev/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cqty1.bhuefbfrvbn.workers.dev/7ba9526a-7832-40a5-a6af-e66a9cce621f
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 148ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dec8257bc2f97f66b8e9b2bc91bb6b73304596fd9c0e6693dd857ffa1b23d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76874
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jul 2024 13:55:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 148ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981195317

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9efbb9bc93157ded8e59a37cc2c3786fe95706201a488692fdac00b8579662f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94731
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jul 2024 13:55:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
746 B 98ms
33ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&family=Roboto&display=swap

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jul 2024 13:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 13:55:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jul 2024 13:55:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 95ms
31ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jul 2024 13:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 12:09:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jul 2024 13:55:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 186ms
72ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e8ecef3343b1c3ef1af65add1ac283278f80aa021cdc4a12f746bd77bdc96c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52912
x-xss-protection: 0
server: cafe
etag: 14277647853430856486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 08 Jul 2024 13:55:44 GMT

GET
H3 200 carmag-logo.svg
cqty1.bhuefbfrvbn.workers.dev/wp-content/uploads/logos/ 2 KB
1 KB 572ms
558ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/wp-content/uploads/logos/carmag-logo.svg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Dec 2022 14:12:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638a07da-7e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eOdzPviCwRm%2BSkjjbbjztvTwUk4bEcS0cja1ItE%2FipMzOSobY1NMsa4oRAwVREhSRfPa%2FeGBBH9wCdnuj3%2BfihdI4ygxpIxjhgRZ%2Fj5egLU5t1Gxi2ikYUKtqt2QxUiVocP5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9d6806c0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 Land-Rover-Defender-110-AT35-By-Artic-Trucks-3-1536x1080-copy-832x499.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 32 KB
33 KB 1258ms
1257ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/Land-Rover-Defender-110-AT35-By-Artic-Trucks-3-1536x1080-copy-832x499.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9a5013374693c76df7c594affb3623b73d5df88bcbf925971e62186298ca9d2

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jul 2024 11:31:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668bce0f-80d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pc3O8QlC83GCDB6FDEBKwXwMqhlQ97BHnYDJD8al2qwEYxK%2Bk9elb4mey4ucjVWnD3lPdYv%2Fma%2Bj%2FVs0pZ6frJknu8sWojxNlg%2BxQcRGHHer2zU6G3tuXcUKrsCa%2FKQwYAa1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092d85e1466c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 32984

GET
H3 200 TG_DSC1866.jpg-copy-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 16 KB
16 KB 1104ms
1104ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/TG_DSC1866.jpg-copy-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5149b5a78e38c4c320ad29c3da824fb90741c8baff03cb322895316467d1a96

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jul 2024 08:01:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668b9cd3-3e66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGoAL%2B6PY4Jh10jpazUpA%2B%2F%2B7XdD09DL%2BEp%2BYN284KXRHTNfGmc8j7WhBaXlu7jsEMzSifAsLU%2BKNARsTDzK7VGJ5NMrCEYWaEwusMSfiBfdnPa13uhH%2BFlH%2FQOjA7gGzYjy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092d85e1666c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15974

GET
H3 200 scenic-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 17 KB
18 KB 1072ms
1070ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/scenic-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bfbe8a58027f433d124e1ded7ea900d08a5f73354359775626a9deed907386

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Sun, 07 Jul 2024 21:13:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668b04e9-453c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFI1R5H2WZv4GOSvMjAn3ErBhYQi3cNX1q1XOP4RIIWc8TYnPv8NCUFwpe4FvI0w%2BTzeV6N5ZRmcLc0AKgUXvBhKNnPwkHfoaI2Ofok2SUzUKe3b10rfWx0QxBhtglQLQKGj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc8b8a66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17724

GET
H3 200 J-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
23 KB 1241ms
1238ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/J-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30eba624890629f7fb30b4fc8a361b0dc3a7b161e9acf0330d2ac47bbf1006c3

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Wed, 22 May 2024 09:50:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dbff4-5824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2Fw9s9L1FNWKg0YjwCVPyV8OvGhRq6jbDUMx81XyqlIzdJ2lK7bQQJDdkIDPqWnZGcu0BOAWCNDuMpNcxDATYqH8eMFaIRpkCzjxyiRfjnBb4hZk1mYe4%2BWpU0Mhbn36NDw%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc8b8c66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22564

GET
H3 200 Land-Rover-Defender-110-AT35-By-Artic-Trucks-3-1536x1080-copy-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 11 KB
11 KB 874ms
874ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/Land-Rover-Defender-110-AT35-By-Artic-Trucks-3-1536x1080-copy-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0bed49d934e674865b67fa29c984cba773316390c25a2831c88073da58dc2d

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jul 2024 11:31:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668bce11-2b2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUYouZVPhReIKDTCkA4zWxUZdlc3rMtY%2BVg3IpK0t5DyYB2EhMOGPs2Yz%2FvrZaFvxwnJNYRuC2OANdhON74aUlSByT0TNSz6Ous13b2zM8L%2FXdzDhOpEZ6I1BBxjwOLHQkj5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092d579a566c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11050

GET
H3 200 Top-12-overall-winners-jpg.webp
dctboyojy.578333.xyz/wp-content/uploads/2023/11/ 159 KB
160 KB 1617ms
1603ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2023/11/Top-12-overall-winners-jpg.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 13:03:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654a3585-27d12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrH3z1guGRXPrUf3NZVWg3KKFFCAQ6a7r47v3ivEZrHx7%2BLU1jQvnSTGURFGvKiiqcbZ8SHcv0hsbV8hZhSVilKNIDoIl6ib4ItnKAd6QAbHnfBzPUGAgqYgBs5%2FuPigaS75"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bbe66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 163090

GET
H3 200 carmag-locate-dealer.png
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 554ms
540ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/carmag-locate-dealer.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNvAxevIvz5yqBcUmDDBpaT4gFWEtk1GxGZc1HOHU3Nndf1iB2J1ESasaCnJ%2BPeoJug5urhKnnwWUoO8hMTRCl15uY6LbNDHOpr1fJW6OkI3V2aMPkS6rPrc0xYTKwm4RH2a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bbf66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H3 200 1-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 25 KB
26 KB 1234ms
1221ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/1-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f92e4e91880af852e0f5d85dec5e0bd99a3452bb57cb9843735b5075a86f385

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jul 2024 13:32:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6687f5ef-6550"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGcmICWtMh5zTFSAheuF21Pj%2BvC7mWZ6EBUi5Wv7f%2B6JWGdAlO86dfkBlDokwjI8GrjIBRqlAump1cwHsWxSBLugzgQ%2FeCaSP%2BqktUjdRUBq4C4lGNMRmOJ4Okpe2V8Pv2kD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc166c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 25936

GET
H3 200 Toyota-Hilux-Hybrid-156-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
13 KB 952ms
938ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Toyota-Hilux-Hybrid-156-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 10:28:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e903e-3048"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KS0J3z9liAZlQr2GsBrlnQO8cy1Ua1OOLUfMeBE6ie5Eh3gnBu4Y%2Fmr2SeCpTvgxXdfkvNJOu8EcbzUsn3BSalAkwJH%2FD3cace0paIIEVBoFqWr7unWRheJ%2B7zPc9lwhQXxX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc566c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12360

GET
H3 200 F-3-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 9 KB
10 KB 952ms
939ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/F-3-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:09:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6674704b-2468"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yLQg8LQnG8eFC3Xwbqb4pdqILXsc2OCz7TrqCUKTlKlV0MHBpJlHklV1tlVY%2F0fKnDr%2BJ90lQ4FSNxjFjMYorwSDsZfDRawCD0LS8XuctjVlbmSdWFn0dFmhLPX%2Fzt5wbHt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc666c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9320

GET
H3 200 H-5-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 21 KB
22 KB 1232ms
1220ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/H-5-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66747023-55c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSE3Bny9me%2FVqTSCMi18%2F2%2F6LCO7ZbxmmrsSciY%2BUW%2BERrpd5WQwsutI3%2B2J4VGvaEz1Lcmi33YEzqrr0XF3IWZW58LGu7Av58I6BMGqBNtcnLkfzIXvewDlUB6b0hkxzJax"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc766c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21958

GET
H3 200 Tunnel-Exterior-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
13 KB 950ms
939ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Tunnel-Exterior-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744267d0ad832cbc545f4f9bd5cecd0cf51a0ed600fcca68883255dd0fc55591

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 07:01:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673d3c8-30e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oidwHqJqivx0kZu47kUC5wGnDwfinYS1P0qwo6LnbS3a3BOmOBEri%2FH6HE3tZd%2BveY%2F1LALQgqcArexpANTJr97CcLtMZNkyv4eDq6fAb%2FCjzw%2F1fz63AeytKtM%2BS0VQiUw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc966c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12520

GET
H3 200 3-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
14 KB 975ms
963ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/3-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 038bd21e20a795956bc2d76c39c26c38247beb41cb859a05aaea1c76e027ebae

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 07:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673e08f-3656"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnte11TYGJR5sgBygtF3k3rE5eX8r%2BP26nIgVU2q844nmT8uVCHec4D3mh1VjEfkGnfr0AGd4ZZb4lxt3RVi94pzGP3V7vRBP2RdvcK8kC%2B04iccaWlU58vsR6S2o%2B6pDV4i"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bcb66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13910

GET
H3 200 PP-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
14 KB 1119ms
1107ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/PP-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee243c73addc0685d8bf52fe27cf4483488a8445f727e1cd4ddc3bd0fda866f1

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2024 16:36:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666b200c-37cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z99SK8NPldFNaiQDMPgXj2Kw2AtnJIZ8z5H%2BSWYLmEbmyVufyEAVUyYWSkXBL5rQfaqbAbDPJh2HDA%2Ftb3l67RrkiDCDBJSySSdxNQVidWaG3KFemkcO1iLNp2YSortab9F0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bcc66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14284

GET
H3 200 VV-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 10 KB
10 KB 940ms
929ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/VV-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8d490fd9b2d65029f9c3ffd4e5fc299fbb9e4e3106c03adf81d24e9973d378

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 15:15:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66686a2b-2680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=midHu2ismfhHGzbLfFL5g4Dv29ozL4oggEFFW8jL8jpD75tjFqTjEHDIrphI0VipwdPQVkwJxa5IFYYU%2F6iQ08bH5OV%2FZwOaeLX6LkRj9bnnOKlv12EjGGA40dpPicZVg%2BTr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bcd66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9856

GET
H3 200 20240321car-8-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 11 KB
11 KB 980ms
969ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/20240321car-8-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 09:12:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666814e9-2bc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2F9UMAFQV%2FJxS5vKWXv5b0L0mfu7O4tdhcepcoRV1YwrHL8rA4bXWyqLIhLDB4lK7687h0zEbc4C6rKIckKGZVkG4%2B7OwPAPeYGKJ6yGWTkmX3Rc9vgpy12N47VP%2B%2BqrwmXz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bcf66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11202

GET
H3 200 Countryman_1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 15 KB
15 KB 1169ms
1158ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Countryman_1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 14:02:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666858f4-3ad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JwMxZ6Zls8Gif5BVWXye0F3zujpasAWtBe3LfECAkLVbWtSZhz5pxWZbGQ0W74AiKYgu6zT1bdOxQWI0jklCTSWufrC4tHws1iZFOvD9XAfXYtLnJ%2FTqIc4mTyrIw%2B%2FUb5sy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bd066c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15056

GET
H3 200 00E50A0F-EDD8-48C8-AEF3-9C0FBBB86EC8_1_201_a-832x499.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 58 KB
59 KB 1578ms
1567ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/00E50A0F-EDD8-48C8-AEF3-9C0FBBB86EC8_1_201_a-832x499.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9c8443e144d95f5b8823da366dd8dae7ca048aef8a795f2409549a64f3e3952

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Jul 2024 12:57:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66854aba-e9da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yiQ8NTQrlLp3t1R9fbGj9PmyLSZCrp%2B7uHkVqy75D5Td2biDFqkh52EvZUBEBZo4ZHs24MmqxHGBrCHDB%2FDKksezZpeBEZe6VH29Frt1f1vvsCRhnn4f5CRVDWr6Z8nXUR%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bd166c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 59866

GET
H3 200 CC-1-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 17 KB
18 KB 1162ms
1152ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/CC-1-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5012542ef03c024f84bb5d2b0413fa110fd14533fb2a6473cd264b4df145cd44

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 19:14:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667c687c-44dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41wT0wJTauRNjPngZEYWzkJJnlWM%2FW6E85n3Z%2FNfTFIuvhmdvUdQEt4Ji4MrB0%2BXoOS0fSNy3MBpEHPxWhCn1kUb6sWXr98pTthG6cdDXH0DYiHTiEu8O5%2B%2BtV6tFbKwBfwl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bd266c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17628

GET
H3 200 Untitled-design-58-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 16 KB
16 KB 1168ms
1158ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Untitled-design-58-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb57fcb37c5f411c45ac7ceef54cebe0e8550e0f766052e6f001b64f279f3ce

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 09:01:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667935f7-3e3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1kMXHawlMGcFWsGbfON2mzQYOnvJfI%2B158Mk18o40eQcpkLxluEg08CuCAkwYd5m4NK%2B17iYhX%2Fo%2FQDJRCSOELgeSGEOm57Kg2wEyu9dHfvFQQntqpwsjvPJmnCJdDeW3Rn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bd566c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15934

GET
H3 200 maxresdefault-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 24 KB
24 KB 1228ms
1218ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/maxresdefault-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50af957b9bedb343bf0cea4f4dc08b16aef7861d2890324adea73189105cd978

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 12:16:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66717a8c-5e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVKUAeW6oWMwHbz2xQWa9YKZJu30bKTSS9Eu5vvEVg1w2mrOSrZfowMMnv1JwSTBVQgrZDgT%2B7IRUGcz%2FJtA45Pc5D%2F%2FDogBdfZc%2B75YVqPdjNKjk%2BAKKrcwLfXU%2FB4coApW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bd666c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 24104

GET
H3 200 B-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 16 KB
17 KB 1173ms
1165ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/B-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5473248018f348cf42cd64f7768873a9b3deac3ca579e8c3a9d69feb0a4deb3b

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Jun 2024 08:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665d7a62-4038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQdcXtZn%2BjqPCFzL1q0UW39X%2BjGN%2B5kRpO7c7TglmSGjsJIXdmkxpCaMfOY%2BQkUTe1S9wabrUpTFmWQgyoBtHwSLFEUpjSwXxK4JScGsG5pro5%2Fmw7mDNEHNWDHyjdbb6d%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bda66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16440

GET
H3 200 carmag-car-compare.png
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 547ms
539ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/carmag-car-compare.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dk%2FHX9CXmnJ9lxVQhqZiSLf2X9ozjym0zm%2Fdi2WZxSNaWb8Iu9WhloAuSQa4deLMNl6vjvriuZIYnrSyjzxS2MDsZ7f%2FZOTQOSkamjJS3thXHrh3f%2BTvujMuIz5DL8S9SZ0y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bdc66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H3 200 aqcs7zpv8bkyvoitifje-copy-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 17 KB
18 KB 1164ms
1156ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/aqcs7zpv8bkyvoitifje-copy-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 21 May 2024 11:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664c8c9b-4522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzMnlghVv0rnalLgAeXuTLNlxKGmGIMRdwPYBwblRkodIib76KqJyZjiZdNYu9fI7rBA2%2BjWjHcUaySY9c%2B0mphe0E5UT%2FdeQjcECCJagWf5OmYFl0u3KIIvsiPO52ji1DuD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bdd66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17698

GET
H3 200 P-6-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
14 KB 970ms
962ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/P-6-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Wed, 29 May 2024 11:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665715fa-36a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8%2BtrFqrr7fRPWS3ztT9N4Ut4SWO2vwSv3IA8Q%2Bd3I2s0G5hH9IBkqPBNXtt4jUNKT2ImAoMxyZ0CaaJ0s%2FUk59kM0wXNlXHBL9MSUNUVRypChTtOytL8s3wKIcQXjwwnIhi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bde66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13992

GET
H3 200 20240502car-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 19 KB
20 KB 1211ms
1204ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/20240502car-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 10:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66506741-4c8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2B9eeD96sOzddF5zAI3wz%2BG3G9VDZKfBBmXWlHywXXnLpj%2BPbO3dbITwtvn7W0%2Bm1KI2MHuKFBx2PYtUOBVZP0LTBwB2syfrbZyKTnj%2FL4bZUNZ%2BjSfFk%2BSX%2Frt%2BzFFAwPN3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bdf66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19598

GET
H3 200 LDV-1-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
15 KB 1160ms
1153ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/LDV-1-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664f5d9a-39a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umBIp2oty3CTtAaCmVUHjXi3M2Pb9%2BH8lk4RZsLHsoaWB%2BWoGuMoq8ww2RiS9LIJIMliQgenUABySxy7yIK5Ik%2BSs13LyT5Vo2gusUZr6ovWQlSeFYj3K8HwMwPrGRvG7%2Bhx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be066c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14760

GET
H3 200 S-4-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
11 KB 969ms
962ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/S-4-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3caea22bb39112951c5f10b8c6b94149f08e48dcbe3b23619adf6a02bc8e2da7

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:59:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d90e-2944"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItK27J2jnwqcYnBnG1H%2FLMEXcUNHB144lSNfS7baQ%2FsQynhYjmIRuKXYf0EgncGwmp0FpO4V8C%2FrVHsDqfK%2BOsAgW%2FF%2BVCiqKE50ej1T5YGxKfvGgm%2BrZ7%2FOtL3MdNFXCiNE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be266c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10564

GET
H3 200 RR-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
11 KB 975ms
968ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/RR-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fbbffad8fe3133860095eb3648454c538d8343c106df9da38c0255c233457a

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d636-29c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gS1CbFEdNjtCQtqHWz2jrsiuoeI6YCY5xBYqC1dq%2FdoQOJiyWXS0X6sDoy4ptCzOTxH5GqWF8CfwZMcu9N6s%2Bo25fUSQAeee4bC5TV0gAqQbDNgnBFA9I4LNY1Co%2F07jsmLl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be366c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10696

GET
H3 200 T-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
22 KB 1195ms
1188ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/T-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6165e152a8800f0fac70adf9d459535cee60a2fb561c98f87db892d973c911e8

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:26:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d138-5664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCu%2B%2BpBv99o8env%2FGNVdf2lpmi0%2BnYwlIcVO3P9%2BMOJLFSXbld3hRB1QlfswflmBC7ESJGM2QtXpJTja8Mq39sJjZ4d0Y1jo4rM6qxUr17oYGLC8N5n4BmT8sjbavhIfNIfk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be566c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22116

GET
H3 200 B-2-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 27 KB
27 KB 1320ms
1313ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/B-2-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ce10-6a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSbnvmqu615CYVULNSCUW2D1oeOe%2Fy2HeP7w1ohZnCwyrcJdUVQBk2BqETt4cU2mkpCzT4Sv%2BE7Xm%2B0c9ePvMgykVo6Gsxmlj5G53aotXncETdxh6xACcRgR0IUycL7iN%2F%2BW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be966c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 27220

GET
H3 200 M-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 20 KB
20 KB 1085ms
1078ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/M-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 08:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ca9a-4f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiSY9leZZ4MRYvcb4jc2K7Dk3RnCVIMLtlrZ5ScBogAoJP%2BZw4v3btSZTcI%2Fa9Rs5geboqUvVN8h4Z74IZAg2s8Bb6fXSP8f8k6vUn3JNFTLrJ70alfU6KywoMPN7KRpa7kd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bea66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20252

GET
H3 200 habari-footer-logo-2.png
dctboyojy.578333.xyz/wp-content/uploads/2023/07/ 3 KB
4 KB 564ms
557ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2023/07/habari-footer-logo-2.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jul 2023 11:26:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64b5256e-d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaOZqaPcQg5l%2BCu67b2q2%2B64js6HjUTlL8h6Jj1FNOeuUainZIFCjo%2FmsVXSsFvXAMC50ZJJt8W2nimgIVIh3PFcl4jNUFIZ%2BQEI4I7FP6cezLkC3scMmPQpHMJ0xhiVfM%2FS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9beb66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3366

GET
H3 200 carmag-search.css
dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/css/ 2 KB
1019 B 495ms
490ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/css/carmag-search.css?ver=1.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c6f0dedaa5f80bc141cdf9f6ba2b085ecd8781e6fa2e163ad33ed51c4b565a

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3095
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
server: cloudflare
etag: W/"6375fef6-c17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tygrMB%2B065%2BAXkjmntsjfgKeIw%2BK3EtGcPUvtcV24zSzTcAruaNIUIyYsr7SnCbaL%2FHe%2BkYmWhTfOlJfbLEBxy5rcXB0JE1%2BhMNfNmm8abXguOUakMOEuVxhjrVtW5hAwzX7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc8b8f66c4-AMS

GET
H3 200 cfs-advanced-search.js Show response
dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/ 31 KB
7 KB 1062ms
1054ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.js?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8352b5b204ffd4c0f6946891dc9210b0973c001401e74f8f84d850d42e601726

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 09:52:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a27e8-7c7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tX6Ln0R5F3NKaW5GGbHR9GHVcvYUvrMAeonEHCkklof7YDm87BIDkeMy2ArvsIzsKnt03%2ByVlTQ0oU463Cz%2FA11t3muBErRPkmEIqv%2B8hR%2BcjODLk8uGg0LuymHj2Ki8m%2BsO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc8b9366c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom-widgets.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 4 KB
1 KB 883ms
873ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/custom-widgets.js?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1438b7405eba426d534e4fb05a5dac264bc2d6b4e9cd05f7b8af32d225170ce

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 10:59:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b5a19-fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPTjFqHe2ky%2F%2BX2AdtSZkefBrQxthWUiFFWGmM%2FDEq%2FOwxQbYVkMwlDf73qvpiuCin91UrwwRnB1hi92%2BPIHNBsVI5WW08XMmqgAoiIr4fXe9XQ1KctPvo8pthy9rkg%2BYIQI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc8b9d66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 swiper.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 137 KB
36 KB 1055ms
1042ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe43-22208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3q9dA4iVVgg%2BXzJHtAmJ%2BOfkgFX%2BFhalvtDhYGkB8belyiv0ptAWpJABev%2BuGQEYCMxe%2B25R5%2FZy%2BEdc31CoBcF3oBDJDsXrTByTQz4KEYl0k5mc2sVgDMBlCNy6Gh1MMaIo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9ba066c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 dynamic-data.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 5 KB
2 KB 889ms
875ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/dynamic-data.js?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25068766bea3ae98004f63d12d9145633c4916f32ce252431ac10406725dbd74

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe43-132f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bnyyqrn%2BdpNuf7Qk8mbEbbBfyhZ3ZYgX6Gx3QVMExYjy6D0OlMVvs8vwh7ISt5zwIE1M7CYoLyLcKHpgTcKkpr%2FpRICDsoAhj2%2FYu261OSkvs1n%2F7wTA1MIPTK4gVLomSNKa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9ba566c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cars-for-sale.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 30 KB
5 KB 674ms
659ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/cars-for-sale.js?ver=6.3
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34d0c43ac6f03c6acee53f2edc211517edc33a6f1ef06ececc83d6eca33c608c

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=55887
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 01 Jul 2024 10:40:33 GMT
server: cloudflare
etag: W/"668287a1-da4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZJ9QBDzj9tQldzx6IFWIFppHLtVJrAWASEqpTFUbbada%2F0DtkDKmh%2BPqJs%2Br%2BJTk%2FtlcZi6oX4QAsmbrMimU6xKsT5FSC48HYc%2BQcuc0q7o9odwaCh4MefsG8X965wKEi%2FP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9baa66c4-AMS

GET
H3 200 dynamic-carlisting-data.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 21 KB
4 KB 670ms
653ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/dynamic-carlisting-data.js?ver=6.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=51453
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 13:06:44 GMT
server: cloudflare
etag: W/"654cd964-c8fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7gISpGnWDS6qYmqM6TNJFzeeMTGPHqTnHsv4NI8D7f8EJrSdMpwm9CEkrW4137PLbS%2FYVaCFyix4kOimQICbyf%2B4SnrD4lIRE%2BUd6JCuCoynmLU1kYwMAbXejm%2FT%2FL61NFc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bb166c4-AMS

GET
H3 200 purl.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 5 KB
2 KB 557ms
540ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/purl.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8830
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:26:32 GMT
server: cloudflare
etag: W/"6375fe48-227e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSpw5Ur97O8E7pvF1XQpv3hdx6R6jG863nnKNtXOZ2Ij4t0rZwh6wABPVo3HcUYuTVNhQYXdTh4Z5TXgESdYW8zr0jMw5nudbqR0g9ItAPDQM3HeBTQ8g%2BXxV%2FpIf6KudyR2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bb466c4-AMS

GET
H3 200 wallpaper-custom.js Show response
dctboyojy.578333.xyz/wp-content/plugins/wallpaper-ads/js/ 1 KB
892 B 574ms
557ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/wallpaper-ads/js/wallpaper-custom.js?ver=300
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2089
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:50 GMT
server: cloudflare
etag: W/"6375fe96-829"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hwXKUMRwdr4cO5boop%2FXuT3ydp5bBd%2Bj8l%2BfXGFgUimAKVwzoT6dqbMjCwnU%2BdRTcH%2Bds2zPPLmJNG10SqeJUpnTNYj2AeoG4hlY94zJi3BgiC74p75KA8Z03CiA08zU3U6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bb566c4-AMS

GET
H3 200 custom.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 4 KB
2 KB 558ms
540ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/custom.js?ver=306
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9718
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 14 Dec 2023 14:04:29 GMT
server: cloudflare
etag: W/"657b0b6d-25f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUedJmwB5XewVpYynKRWiM4y5DBQ%2F3EtCNoVV%2FBPt141paAZ4ZgV4wm4k0EwVYLUIeKh9eTNIz8i16QbA9YRsEAZD4QeutYJ136Cu6%2BTPJt40BYTaVLv5tkflKS2lXTGgCZG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bb866c4-AMS

GET
H3 200 article-view-slick.min.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 42 KB
11 KB 770ms
753ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/article-view-slick.min.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fed5-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Ari%2FsNWuMEhicQVRWT%2B2PuMKNWPUDZ33o%2B8ztg8TQzMbEEMuHhFZVHwGLhcjFm8MXaVmcO7VQsRIRkd%2B%2FyPMw9u8PFatPodGXd7yF2WdTrjUcxIzk6kAHkVT%2Bfcvpdx9L9E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bba66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 magnific-gallery.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 28 KB
9 KB 669ms
652ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/magnific-gallery.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=43593
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:54 GMT
server: cloudflare
etag: W/"6375fed6-aa49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDOZKUZ9d21CcXOtoqj80KBfh%2FpXDJAvxsBo7RPDNW9tiVWZJj2UiM3DE59nkbUvNtdPdS%2B9zM41oPK24X42U9OSW56Vxgn6oWBD%2FT0uT5yvSL52cfxp%2BeBkPKEW2uVa18NJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bbb66c4-AMS

GET
H3 200 script.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/js/ 9 KB
4 KB 510ms
493ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/js/script.min.js?ver=2.2.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a2eb068a42de22eee0dfb6173e802bbdb065b2cbe08c926952d8f11a22dd4f

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 11:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665ef7af-22b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1NL938SzS6Hx%2FuOdOv6vxA2n38iLA8myq15QszWAqRTi7tnI5E9dn3ALj3BxwgPFtF36JsTgO1hVb7yPozsdHQJD%2F7AwFn4Otp1Q2%2Fbj6UQ5xTuL1345BlQgv9aGpPRJoR7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bbc66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 carmag-search.js Show response
dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/js/ 184 B
583 B 557ms
541ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/js/carmag-search.js?ver=1.0.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=960
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
server: cloudflare
etag: W/"6375fef6-3c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6MEmVI6NGHr5pItzqgVG%2BzJKEmb4brXKHc%2Bp8AAhHCbqlKZHw3%2BUdH6IofAb73wWEiffvHE7rNg4NPdLqSOS%2F4HRym2meybMOBp8TyjekfpJFPK3wz5wu7%2FNV58eCYSzXUk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bbd66c4-AMS

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 130ms
76ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8a0092dcffd2b7f8-AMS

GET
H2 200 6405f13eb20f5f00192a0d07.js Show response
buttons-config.sharethis.com/js/ 1 KB
907 B 165ms
74ms Script
text/javascript 2600:9000:2127:e800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6405f13eb20f5f00192a0d07.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:e800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:32 GMT
content-encoding: gzip
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:04:22 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 13
x-amz-server-side-encryption: AES256
etag: W/"46b6253cf9264f25509139f0d50e8fa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: BCCP7VdQV1yO6c1klimYdfJg8DQWApmUWiHdgDKYRhwHMlza44mR1Q==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/highburymedia/ 362 KB
53 KB 106ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bb886e109d443b03c41bfed1c276a7ca5de30bbe60949d7c23b54c0bb6af2337

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: lO8carlmtDXXSUdHcWivA4fvlL23dT9q
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 Jul 2024 13:55:44 GMT
x-amz-request-id: 7DV7F894MXNF74P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 7
x-amz-replication-status: FAILED
content-length: 53963
x-amz-id-2: 4nlOXWhIdary66+lSiXv8sm+o+gjWOSOlIWhXntYazlx0c7WZR/+P+P0BH126WhbV9biG646qJ8=
x-served-by: cache-bru1480079-BRU
last-modified: Mon, 08 Jul 2024 13:55:44 UTC
server: nginx
x-timer: S1720446945.796144,VS0,VE26
etag: "c4efda032c55690256bc584ed6a1420f43c3fc7d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 15
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
416 B 146ms
38ms XHR
text/plain 3.69.40.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=cqty1.bhuefbfrvbn.workers.dev&location=%2F&product=unknown&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&cms=unknown&publisher=6405f13eb20f5f00192a0d07&sop=true&version=st_sop.js&lang=en&description=Car%20Magazine%20has%20daily%20motoring%20news%20updates%20along%20with%20professional%20road%20tests%2C%20driving%20impressions%20and%20all%20the%20latest%20model%20updates%20and%20more!&ua=&ua_mobile=false&ua_full_version_list=&uuid=bfcb0e14-2a81-4296-9675-c1a60d6a2cdd

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.40.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-40-101.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 08 Jul 2024 13:55:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://cqty1.bhuefbfrvbn.workers.dev
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 ajs.php Show response
highburyads.co.za/www/delivery/ 777 B
1 KB 127ms
65ms Script
text/javascript 2606:4700:3033::6815:4e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://highburyads.co.za/www/delivery/ajs.php?zoneid=1599&cb=40944892961&charset=UTF-8&loc=https%3A//cqty1.bhuefbfrvbn.workers.dev/
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4e37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea175c29224a838ddf9e61be79276ffd6cee40df20566b647be41ac0c326bdcd

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pfaP5%2B%2ByXOZ%2B86VaZIF5CvaSSjC0lLCXzfZOEHLZ0T5Rnd9kCsxSsGNznY3GlSs3nRkEhZKHuYoH3fGeAbuaoAR66MbKkOzbT63ZlbTcWXHWokLuoDBFZNPW7o2HP5R4Eo0AJOvX2CsaPtRFumt4IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8a0092dd0fd906de-AMS
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 108ms
26ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 17:31:01 GMT
x-content-type-options: nosniff
age: 332683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 17:31:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 113ms
31ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 07:43:41 GMT
x-content-type-options: nosniff
age: 367923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 07:43:41 GMT

GET
H3 200 fontawesome-webfont.woff2
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/ 75 KB
76 KB 1551ms
1519ms Font
application/octet-stream 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Origin: https://cqty1.bhuefbfrvbn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375ff85-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oIOWdNpQVIwz7flFms0RAf%2FuXP59qMhWj6dOHA7O6lHaw7kPzDcesfr%2FFWTajlh6Yd3rEAk7%2FnIOcneKw1NBukXJmxDMLYxYY1tPzwqe2j66WuUEp%2F4I91T3Sh7FjIFsALa4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dd28b49fff-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 135ms
53ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 14:57:01 GMT
x-content-type-options: nosniff
age: 514723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:57:01 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://cqty1.bhuefbfrvbn.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 2022-SILVER-Volkswagen-T-Cross-10-TSI-Highline-DSG-85kW-8071272-1-1000x1000.jpg
image.blob.ix.co.za/Used/8071272/1/ 357 KB
358 KB 1549ms
790ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8071272/1/2022-SILVER-Volkswagen-T-Cross-10-TSI-Highline-DSG-85kW-8071272-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2f78c68fc3d26045673e4daad5a261874d25cc3256ffaaf0a82194440daca03

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
last-modified: Thu, 28 Mar 2024 13:53:12 GMT
server: Microsoft-IIS/10.0
etag: "2c5a12461781da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 365710

GET
H2 200 2021-SILVER-Toyota-Corolla-Quest-18-Exclusive-8101331-1-1000x1000.jpg
image.blob.ix.co.za/Used/8101331/1/ 401 KB
401 KB 983ms
224ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8101331/1/2021-SILVER-Toyota-Corolla-Quest-18-Exclusive-8101331-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3921e972d6cf890bf16129c336fecd293cc26265d7952a080ae91e888fb1a7f

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
last-modified: Fri, 03 May 2024 10:40:58 GMT
server: Microsoft-IIS/10.0
etag: "b52b162469dda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 410632

GET
H2 200 be485aaeb80a241b13c80d48fd4b8003.jpg
highburyads.co.za/www/images/ 210 KB
210 KB 38ms
33ms Image
image/jpeg 2606:4700:3033::6815:4e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/images/be485aaeb80a241b13c80d48fd4b8003.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4e37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98496a884fd063ea8c90a862cee44986f6c945b33748f5967a775f01a65fd570

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 506241
alt-svc: h3=":443"; ma=86400
content-length: 214716
last-modified: Tue, 02 Jul 2024 13:04:36 GMT
server: cloudflare
etag: "6683fae4-346bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PU0qg1JgO2C9be9Iq97Q%2FereOoa%2FbaxXVDpspkD1xhNbOj3rHv9g9HUk5s8KPZvEd4kCEirUoJqmGm1cbB7i%2BEAKZxIcVOKbeW7N%2F9JmhErYWXvi8VCWYNKMRczIuD7hOVj8shuHBPIz2BRyRERlvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8a0092dd787d06de-AMS
expires: Tue, 09 Jul 2024 17:18:23 GMT

GET
H2 200 lg.php
highburyads.co.za/www/delivery/ 43 B
418 B 55ms
50ms Image
image/gif 2606:4700:3033::6815:4e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/delivery/lg.php?bannerid=6127&campaignid=3997&zoneid=1599&loc=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&cb=df7a010898
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4e37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pe%2FdzgZb6qZaz9pVgrYM3DrMfDfGYZDRUnvCU45oov8R9Oz0ugRfsE2jz9MjCfqRrl0f89MaCZPuBKkrv%2B6UBujhwu8lia7%2FiNLx7Hr3VYCQ12KSdZ1oydRfCRqvWFzbi2BaJUPF7iTUIcnN%2BD4Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8a0092dd788206de-AMS
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 impl.20240707-12-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 23ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240707-12-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 35825e2b5d8f38b406c8c0555ee5f6414956898641b7bedb67bbd8f776946748

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DMsAb7oWRrAOSO6bxZjYVKP.lasP0mV6
content-encoding: br
via: 1.1 varnish
date: Mon, 08 Jul 2024 13:55:44 GMT
x-amz-request-id: KM10WT4DQJJZYQ5B
age: 6667
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 186059
x-amz-id-2: huCtbzFlHsmcLJeWjdUh4TWlIHB+OgHcnSvNl266q2AADU6j4ardU9sNNzvX72LZKGU0xh/ptbA=
x-served-by: cache-bru1480079-BRU
last-modified: Sun, 07 Jul 2024 12:01:55 GMT
server: AmazonS3-br
x-timer: S1720446945.915856,VS0,VE0
etag: "a1b3c421e2f2025184940a84bc671793"
vary: Accept-Encoding
content-type: application/javascript
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1567

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/ 467 KB
145 KB 41ms
41ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3261
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148860
x-xss-protection: 0
server: cafe
etag: 3071004405367439963
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Jul 2025 13:01:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
96 B 233ms
174ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cqty1.bhuefbfrvbn.workers.dev

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4afb07a576ad56e9e95c56167d9334061db42900677bef2585a33df4d4e28aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
expires: Mon, 08 Jul 2024 13:55:45 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/ 425 KB
143 KB 204ms
100ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7073370864490749&plah=cqty1.bhuefbfrvbn.workers.dev&aplac=true&bust=31084927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4a213644824687bdb789ed24531180f6b9a91f80482a980f91c60547a09c3258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146874
x-xss-protection: 0
server: cafe
etag: 5345246830724263768
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 13:55:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 339 KB
109 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

664940e70b22e4179c97dd19ebbe17ea6758e543de6160bcb189fbe8cb4bf4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jul 2024 13:55:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 98ms
27ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 12:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5198
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 08 Jul 2024 14:29:07 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/981195317/ 3 KB
2 KB 107ms
65ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/981195317/?random=1720446945119&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=1945906829.1720446945&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981195317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6dcd4d59cb7a9228d46fa021bd9e71a27f5e523262af8ed404cacf23a646080d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1625
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google-topics-api.20240707-12-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 33ms
33ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240707-12-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 476f713d39d370558402964f702894f0514a83e744c32f8c05bcda27bb118bca

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: JOrSWLYGkJXTKHtsR_Wep_FXH9dVgupi
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 Jul 2024 13:55:45 GMT
x-amz-request-id: 83K56HXDSQANN1DG
age: 7413
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 979
x-amz-id-2: GnQHsjJKnET4zXAmGXM9adYudn7DQqsQU8wHtj2DdjR26ZxVF649HI/4vizz0NfsPsZBzzUQWbw=
x-served-by: cache-bru1480079-BRU
last-modified: Mon, 08 Jul 2024 11:52:11 GMT
server: AmazonS3
x-timer: S1720446945.164756,VS0,VE0
etag: "abd4a249c5f4ca229975e16d3e603d7c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 21
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1171

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
431 B 65ms
20ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240707-12-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 284684
expires: 60

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 566 KB
50 KB 204ms
202ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3700418703506396&correlator=589427668505989&eid=44809527%2C31085019%2C95335156%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407020101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=21714487182%2CCAR-L%2CCAR-R%2CCarMag-BB-01%2CCarMag-BB-02%2CCarMag-BB-03%2CCAR-01%2CCAR-02%2CCarMag-LB-03%2CCarMag-LB-04%2CCAR-05%2CCAR-1%2CCAR-2%2CCAR-3%2CCAR-4%2CCAR-5%2CCAR-6%2CCAR-7%2CCAR-8%2CCAR-18%2CCAR-19%2CCAR-20%2CCAR-9%2CCAR-10%2CCAR-11&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4%2C0%2F5%2C0%2F6%2C0%2F7%2C0%2F8%2C0%2F9%2C0%2F10%2C0%2F11%2C0%2F12%2C0%2F13%2C0%2F14%2C0%2F15%2C0%2F16%2C0%2F17%2C0%2F18%2C0%2F19%2C0%2F20%2C0%2F21%2C0%2F22%2C0%2F23%2C0%2F24&prev_iu_szs=174x696%2C174x696%2C970x250%2C970x250%2C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x600%2C150x125%2C150x125%2C150x125&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1720446945271&lmt=1720446945&adxs=0%2C1426%2C315%2C226%2C226%2C436%2C226%2C226%2C-9%2C-9%2C1074%2C1074%2C1074%2C1074%2C1074%2C1074%2C-9%2C-9%2C-9%2C-9%2C1074%2C-9%2C-9%2C-9&adys=190%2C190%2C1655%2C3193%2C5006%2C99%2C1048%2C2714%2C-9%2C-9%2C454%2C469%2C1988%2C2003%2C3508%2C3523%2C-9%2C-9%2C-9%2C-9%2C3538%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C0%7C4%7C-1%7C-1%7C0%7C0%7C5%7C6%7C7%7C8%7C-1%7C-1%7C-1%7C-1%7C9%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&vis=1&psz=174x-1%7C174x-1%7C1148x0%7C1148x0%7C1148x0%7C1600x90%7C1148x0%7C1148x0%7C0x-1%7C0x-1%7C300x275%7C300x275%7C300x262%7C300x262%7C300x259%7C300x259%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x259%7C0x-1%7C0x-1%7C0x-1&msz=174x-1%7C174x-1%7C970x0%7C1148x0%7C1148x0%7C1600x0%7C1148x0%7C1148x0%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C0x-1%7C0x-1%7C0x-1&fws=512%2C512%2C4%2C4%2C4%2C0%2C4%2C4%2C2%2C2%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C4%2C2%2C2%2C2&ohw=0%2C0%2C1180%2C1180%2C1180%2C0%2C1180%2C1180%2C0%2C0%2C1180%2C1180%2C1180%2C1180%2C1180%2C1180%2C0%2C0%2C0%2C0%2C1180%2C0%2C0%2C0&ga_vid=505424223.1720446945&ga_sid=1720446945&ga_hid=677306968&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720446943466&idt=1730&adks=979567663%2C2185212989%2C2421375807%2C366054724%2C911572581%2C2558534381%2C3687027337%2C2772303345%2C1855939391%2C25877906%2C435244622%2C302933537%2C1587516836%2C723022383%2C3666453265%2C3235191153%2C639406632%2C1818096782%2C1904407829%2C1930634536%2C3509730642%2C3577480103%2C1807841720%2C2870509506&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2567b63dccdb21c400fd427937bf5b58893b4d17d1e5c047c308f3f5fea0de37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51351
x-xss-protection: 0
google-lineitem-id: 6748972946,6748972946,-2,-2,-2,6730823668,-2,-2,-2,6698483204,6744716122,6747264914,6743850441,-2,6720803688,-2,-2,-2,-2,6350839098,6707787743,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138480646050,138480646053,-2,-2,-2,138477196036,-2,-2,-2,138470372299,138479775933,138480100158,138480077445,-2,138475156043,-2,-2,-2,-2,138440657972,138472528555,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8BC 0
0 142ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 13:55:45 GMT
expires: Mon, 08 Jul 2024 13:55:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame C169 0
0 66ms
25ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240707-12-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

abp: 26
accept-ranges: bytes
access-control-allow-origin: *
age: 37710
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Mon, 08 Jul 2024 13:55:45 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: kSVYSCSo5KYgwhmA+BpXLl16PaUxjnXRba1yF2MPoe3y8N/kao8kvR7hFC9uWUlyPc7ia2IBTmw=
x-amz-replication-status: COMPLETED
x-amz-request-id: DC9WTSSEMZVHBN6D
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 7329
x-served-by: cache-bru1480020-BRU
x-timer: S1720446945.443429,VS0,VE0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
219 B 38ms
37ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=677306968&t=pageview&_s=1&dl=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&ul=nl-nl&de=UTF-8&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1593267632&gjid=1152815671&cid=505424223.1720446945&tid=UA-11411975-1&_gid=257934053.1720446945&_r=1&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=626303322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 97ms
24ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KYLBT1M2BJ&gtm=45je4730v9100290862za200&_p=1720446944708&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=505424223.1720446945&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720446945&sct=1&seg=0&dl=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&en=page_view&_fv=1&_ss=1&tfd=5633&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 115ms
33ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KYLBT1M2BJ&cid=505424223.1720446945&gtm=45je4730v9100290862za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
409 B 130ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KYLBT1M2BJ&cid=505424223.1720446945&gtm=45je4730v9100290862za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1024862302

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
361 B 101ms
32ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11411975-1&cid=505424223.1720446945&jid=1593267632&gjid=1152815671&_gid=257934053.1720446945&npa=1&_u=YAhAAUAAAAAAACAAI~&z=1690157309

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 197ms
194ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3

200

/
www.google.nl/pagead/1p-conversion/981195317/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=s...
https://www.google.com/pagead/1p-conversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0...
https://www.google.nl/pagead/1p-conversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&...

42 B
64 B

64ms
63ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=1945906829.1720446945&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIt-SXqMyXhwMVrBaiAx2oHgmoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLyGYJU1nLRacU4bnr9KhNbaAbNo-NzQ&random=339109625&ipr=y

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/981195317/?random=1364410309&cv=11&fst=1720446945119&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=1945906829.1720446945&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIt-SXqMyXhwMVrBaiAx2oHgmoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLyGYJU1nLRacU4bnr9KhNbaAbNo-NzQ&random=339109625&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/ Frame CAD1 0
0 91ms
28ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7073370864490749&plah=cqty1.bhuefbfrvbn.workers.dev&aplac=true&bust=31084927

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 40911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 02:33:54 GMT
etag: 2738592464165616
expires: Mon, 22 Jul 2024 02:33:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame E5F8 0
0 96ms
48ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720446945&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_8~30_19&aiixl=27_3~30_6&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720446945014&bpp=5&bdt=1549&idt=487&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5730938282287&frm=20&pv=2&ga_vid=505424223.1720446945&ga_sid=1720446945&ga_hid=677306968&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42532523%2C44798934%2C95331695%2C95334508%2C95334527%2C95334564%2C95335887%2C95337026%2C31084927%2C95335246%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3700418703506396&tmod=1212430100&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=503

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 13:55:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7DDE 0
0 183ms
182ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssmjnclnraz79Y7ErhGB1MKmC5AjkawLsCoYaeoAuKmmdUm63Dj7T63Sn8Zwjkxmm2ivP87gYygmL5cD-WRYlds3nsZMYyEvB8CauqlwQF3Mp6KNSgQAd7ReVW_k-RIVMOP1nfBupgqMZ6NpWAuj75FpQr2a4cOZGHI7wve90_lZ1tETG2Jm7WZ6dpacVl--gO7RgVOYmer7UlrEFp97AI19CarAGGrSDRr5SqQTeX37MJJDA-jDAHDSCNOqZS3AYZCZMXgAXwxCQ4EzZ1h_EUCS1adWqorFbuYTxdEruOlPXXKkkvcNiqCQCkvs3xmoP3SENgCe4YoFwmqILKO4u9nHXhd-YgW_uIhr9KJHo19Zr-fcn_lasE&sig=Cg0ArKJSzMVMzVulnVJzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 7DDE 23 KB
9 KB 71ms
69ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 7DDE 3 KB
1 KB 70ms
69ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7DDE 205 KB
63 KB 77ms
71ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 2782905740778403640
tpc.googlesyndication.com/simgad/ Frame 7DDE 111 KB
111 KB 173ms
28ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2782905740778403640

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e37441765bb9324e2af8077194a2f0185d0c821ab2996edde7bc8328bf92d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 07 Jul 2025 22:56:10 GMT
date: Sun, 07 Jul 2024 22:56:10 GMT
x-content-type-options: nosniff
age: 53975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113593
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 11:50:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 89A8 0
0 182ms
181ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu4sL0PvW2YYMC4Yh2UoDax1Jj1W0E30_cpj05M-ml5V9wtrzWT4rAEgIesWU0wL-9wJ3gXP1l4gTDNFQaX8cOBC1UPO1zKmKwI27ovR1mDqx7TU76oWEt4Xa5aiEEXMQn-uIPEg6N0mYsXv2i9698QjxEKBFjnTV9iiW9Z_W4IpuQub7WPDMyFjkReqT1vo1uJgjqfmerunwolSeMjpdei47bsTaqIDE0HkQrTHo45pgE3JFy0z2xg8-JWniwPMStr1oKxL_ynvqJuKH1QzUoU6tQIdEwVr2UdT1GfSvfOeaJwmYtLBJdZVvoPvBKF7PZg9CDoa-f7VfjhDJ_lQ4i0h2chsNQuyhFwsi1NUO897N77ktlBLX4&sig=Cg0ArKJSzCKE0B3B9EMKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 89A8 23 KB
0 58ms
58ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 89A8 3 KB
0 58ms
58ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 89A8 205 KB
0 83ms
82ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 8263214751554969774
tpc.googlesyndication.com/simgad/ Frame 89A8 111 KB
111 KB 228ms
100ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8263214751554969774

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e37441765bb9324e2af8077194a2f0185d0c821ab2996edde7bc8328bf92d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 07 Jul 2025 22:56:10 GMT
date: Sun, 07 Jul 2024 22:56:10 GMT
x-content-type-options: nosniff
age: 53975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113593
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 11:50:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7E64 0
0 179ms
178ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssX1nY5FY3A0LyXTWd4YzlZdqZ-8UPwcFCRXK8Wl0D2_oxgajQEP46wDoluNz5DRD9JWyWIaT1gjC3vtxd95u3AZ106bvTNL93v-rovf34Hkz_9wU5qTp6AnENIzeCusuny5Qio2VS8pX8tHj4r-6zc6US_AK5mITSRtKI0SVbWtV4nQSSg80Oehl-jBKGgmpHL_eUVoYZWQlxak-u0zXSyWCizlfewyGWO1lRdodHt2HIii9uC06-DRmMeWzyXbN4IpX6iAaup27uMBe8uPRx0ivH2qvJQgIxt3y_e8PrwfdOB5nbzSHZ0rfTceQoKfCgtygT915W7zH-baBJ2asEDYONd7OTa8ACFo5qDr0pvwovqXD8D1Ooi&sig=Cg0ArKJSzCq4vOEYhnnOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 7E64 23 KB
0 78ms
78ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 7E64 3 KB
0 78ms
78ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7E64 205 KB
0 86ms
86ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 12858679065924591065
tpc.googlesyndication.com/simgad/ Frame 7E64 332 KB
333 KB 262ms
140ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12858679065924591065

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c908805bb93ed91ca0f9fcd6cb213315d350d3dd826fac4e31e268d96a80b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 07 Jul 2025 01:51:14 GMT
date: Sun, 07 Jul 2024 01:51:14 GMT
x-content-type-options: nosniff
age: 129871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 340451
x-xss-protection: 0
last-modified: Fri, 24 May 2024 15:19:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 108D 0
0 233ms
219ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssx7e7Rrd6Q3DCderJBzcR1TqjU1NdXxOrDCOdf31nolEO10oD0g20Awck6f6skLWNUyJqaDurOppVxbvEuwpDJUVD0YKfrl1tTYZhbLnpRwv5vxDh9TK1WtuobQuhzoBVcg6PE_NavJxIuGES6njfHO0j83tW-EwtmjmfZAME0rDy8aNX7sLMV4aNWZM_eI0hfOv9yNeG9H-xqPLLGKK9-fhWbFBGX0sBO8PaUyJTjkv2HiW1FKz3g5uQ8WJC-WKP-4cVOiDtancoAkMODu_Jm1W0tjyql4n2KdUFiISKewBXpQLP4OUU-8gz72T_RmeEK6nJM29-zEWtTViuUtfLtY_vwrUzHRwIMC0beYN3gJbkFLzUVUw0&sig=Cg0ArKJSzAmpUdfVHyuuEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 108D 23 KB
0 49ms
49ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 108D 3 KB
0 50ms
50ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 108D 205 KB
0 111ms
111ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 18290394688435735426
tpc.googlesyndication.com/simgad/ Frame 108D 59 KB
59 KB 173ms
88ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18290394688435735426

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ce0ead5458e276a5ebd4ee30d8042e95108571cd3dcb208bea93bbaac3de71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 08 Jul 2025 02:18:00 GMT
date: Mon, 08 Jul 2024 02:18:00 GMT
x-content-type-options: nosniff
age: 41865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60102
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:21:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1791 0
0 228ms
219ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv8RlwADiFvE5UmCDDd6WZViOMIcWtMB9BdYjQfr9dFNXZDC9l0AY4StvBAYjAHLzBK2UvLm_SoYl9y9DiUFUMNmw822IRPCWKKXlJGqdwdlDuajeKa61zvb24J1m9taQs6z6syIFBgPhlXZH8_4v4J1C33cKjV1q3IXSKYjLIUppCFtC3D6caamldlPm4_rfHNqQZrcCTLewf70R5eXaNk63RYiUa8V5AW1HcDZUveFjKdnVIYj07Q8txkuIZJAHvII608fWw1mJHb45Bx4yvMPjM_B8xjS-l2e1sdRu2zyGhRH6ZY__Saex2OMkfSS20K2RN6N3agGdbCtUvF2-PuAd8ozc-Ocupg8j6ntnDl-ywd37D_ZI4&sig=Cg0ArKJSzHGMtvy-5ZffEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 1791 23 KB
0 101ms
101ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 1791 3 KB
0 103ms
103ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1791 205 KB
0 95ms
95ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 15170199408206034283
tpc.googlesyndication.com/simgad/ Frame 1791 475 KB
476 KB 208ms
145ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15170199408206034283

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32e593a2d68a24dda32f9c841233d5ac706fc575f582350fe26e043ff7bb1783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 08 Jul 2025 01:52:32 GMT
date: Mon, 08 Jul 2024 01:52:32 GMT
x-content-type-options: nosniff
age: 43393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486602
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 10:17:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame EEB4 0
0 199ms
190ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstOEcN6Ok6pb3EZrQ_8FASv3lw9Mop7Mh5yvwWYV6mgnGydQo6zmFBctTmkBdicN47fIHwZq3_FRnJ0-47q07g-HeCPxS3rEfWe2G3jcEw8IasTnIT4lyus0p6fTRQCTWSYWjOihRLVK2LQHDwyv4-7oPfR_-d_3XQHfroNX3BfGH7R5K8kTrw8L_H_tBOMquHyzIPQjehPAuS0jneLXbKaDwRvgnjyJLiHpLysoDJBa-tlnQnxpwsWNlLt0QmKp4un476vyY_sQAcHU8zpnN1yjgFjvPlZBfU6FrX6rWyEfEpfUgbSZCPnFVehHIj09E-6RyQU9CuX-IxyUvjiq8da4iA65qTA-JkVlYZxZvieNJASvDE47Kk&sig=Cg0ArKJSzMNQd_YWKKXjEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame EEB4 23 KB
0 77ms
77ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame EEB4 3 KB
0 79ms
79ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EEB4 205 KB
0 83ms
83ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 15444799159851174667
tpc.googlesyndication.com/simgad/ Frame EEB4 67 KB
67 KB 150ms
102ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15444799159851174667

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42128027b82394dddc5828393482b9699e126249f79f647f28a249e39b029607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 08 Jul 2025 01:57:26 GMT
date: Mon, 08 Jul 2024 01:57:26 GMT
x-content-type-options: nosniff
age: 43099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68852
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 07:55:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 container.html
c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1AAB 0
0 35ms
35ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 13:55:45 GMT
expires: Mon, 08 Jul 2024 13:55:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 25E4 0
0 194ms
184ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuWv8MYGMPz7_4pfSf_n2ffXwSvlGpNAyE8d0IcBehJxEuIYmMLywUQ8XPy1pCl7VleHGJYRoWEPCVCF3ImXAXENkRZ_c3tV8YcuczEiTKqEEGodJpu9b6rt2sL8HD2n30cA6-YUD_NoEbNMs6ulNusSvyPz73kgIF0GO9iX21QT4MdOAh5-kywlQefYaLOhk3cWBdEYnxuXfxYqvWFVpt5rBKcjHW826JzGwcLLeWysLSgn29GT5h1lM1gy550cnxg6RD6uTfSf64leLiVLvWkcUWNFFwvbHB8VdAEmEFMqyopSh4zbnZRdOlPCUs4YU0j4wAJtVIMgNNlMIXtr0KdD3yaJr1dQmaixyavm_GFmTr0EU3PLhjM&sig=Cg0ArKJSzG0X5RSKE-jGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 25E4 23 KB
0 45ms
45ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 25E4 3 KB
0 46ms
46ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 25E4 205 KB
0 49ms
49ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 1773781326349927885
tpc.googlesyndication.com/simgad/ Frame 25E4 173 KB
173 KB 164ms
125ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1773781326349927885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647f9f85c5c0cbe0e6cc412225e043fc7abe5227cd1f148e39cb4ae560fb148a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 08 Jul 2025 02:49:35 GMT
date: Mon, 08 Jul 2024 02:49:35 GMT
x-content-type-options: nosniff
age: 39970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176962
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:43:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 7DDE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 014010751394eb4042ba71e6262ef497028912a287eaa01fa9fa82c96db3742d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 89A8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d72616ad0a367087e407d65b6eaa0df759a4c5f1c36cfb6d4899307f155c81a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7E64 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b47ff5860c7ae685f8910dd1ca023c517603c8f3f408d83da450db63868a8bef

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 108D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb18cfce09669017a9ff75a912366a897f654d0c32f4b2ecb7112efe3f68c7cf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1791 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f928af9ebf371d1f0a1063fe35b1d8c9635e9166452bbc1eb6fd9c2118c81acf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EEB4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6130cfa42d00cf9223a5bbc4310619eb81201bce28922cef573fdb8ebb95e2ee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25E4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b627bc5ed3197d1eea12ffd9de8536c5bdab9ed3cc307ff4f51a081d4c6dba2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 162ms
63ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11411975-1&cid=505424223.1720446945&jid=1593267632&npa=1&_u=YAhAAUAAAAAAACAAI~&z=81608266

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
108 B 64ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11411975-1&cid=505424223.1720446945&jid=1593267632&npa=1&_u=YAhAAUAAAAAAACAAI~&z=81608266

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 drivers-test.css
dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/ 2 KB
0 5ms
5ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/drivers-test.css?ver=08-07-2024-1720446398
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 10:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65291b1b-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1qipHHcjJrgog%2FPhfdgoT2OHhLJ7Q7r8CvIEWwerfVfp%2BF4%2BhICjwMmixgWeH66TL4t0VUD4dKofdiEjsN4PZ8RR4%2BpxGl3bYvlASCWP%2BMWL6jr6h2ZWECDpybI%2FcbqsGur"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bee66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.min.css
dctboyojy.578333.xyz/wp-includes/css/dist/block-library/ 111 KB
0 2ms
2ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f40f-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aG6m4AcZtUm%2B5UC6ef%2BmrpkgB0ud70ACGEoM7x9PV8EwrpwFjQTbto%2FaNtLdHhF3AdH23%2BDSecaOwknAwttDkzcKJz0BK6R89dnwk9iyvSTBV0PRjPmGx6SJYUa6pZyPmK30"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092dc9bed66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1B55 0
0 245ms
235ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstWNFGRZnfxcW_t3qpBDjQcdSeSrQLQV7_lMkuPY7fncJfEopP7Zo45i18R1jsCLw4HaF78r_0v1epFR2X-J3rYElheGW_0z1p5rWmiUlaEMyuGYluKviuUig0paMfWQbVaNllvLlX_CKYEX5Y2J7DTelnjV3RoJfV_LfkUoAm_bS7YzdxJL1V8gJPQzJ1MLm2BJogTEKh6QSiy_aOfq920dze9MtbjzUrYTsUj6SctSqc4EqHBInLtLJNBog39PIVVw4LkjrmW68nEY4WWrOQ3PkP0QT0CzDLQoL1w7qnEvBPdro5fUYXuIJMVSljchav5o9_yga5Cc7laql01pTtKxRIbJS6BuztQ_J_tDPIGGB3NhvKijQ-8&sig=Cg0ArKJSzEO-_NL0cvsMEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 1B55 23 KB
0 45ms
45ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 1B55 3 KB
0 46ms
46ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 13:06:50 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1B55 205 KB
0 5ms
5ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:06:51 GMT

GET
H2 200 13438962500404442063
tpc.googlesyndication.com/simgad/ Frame 1B55 50 KB
50 KB 57ms
49ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13438962500404442063

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fca89b20705c6970617e9f5a3c18bdfd40ae1dd066d645deaaab856f91a1f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 07 Jul 2025 15:59:43 GMT
date: Sun, 07 Jul 2024 15:59:43 GMT
x-content-type-options: nosniff
age: 78962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51235
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 07:34:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 89A8 0
0 188ms
186ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst9TDQR-Q6HOKJnwJSLpz4jk8FQsSfHlJl2LcKC_-A6ru7QuYBetyR7Kj995rJEVZ448__gbKftIiB3jVJieM5cvdrmpxK72HXve7H5xOli18lLF7G0b5KSGr71NLEbFMdd_hTRaBgOP4V6uejKSIUIbgu5ID66SG4175dRUhHfpIxmw9g-SLLeaM8wHL-CUt07cWi7UJ7rzQplKGXSKOlKntxMov1X9bGfIXEL5Kr-Cwot2NdWEzK8W1gUvx0TmCpXrvNWRSjcTGNe13f2lXNq879l1LAA-yY89JAyrZAHF2eDgYbnNSn8wQISF3ZcT5QpHYTuAkckwRCkvRmOIhW-NN9EY4W1at4C0SB4nj2LJL9haukVMOe_3A&sig=Cg0ArKJSzGCyMa5xNMQREAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89A8 0
0 174ms
171ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1B55 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf855a10023b75eaa51024dbcca5294e93b2af1cde2217194e98706824e6d7d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame EEB4 0
0 177ms
176ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssahKJpfF3c5ll00ZOldzDUbYA1PLlBiMlH379KAlh-gkRRJ-CfldiQYVCKloTZXcynbrZTZIh0hrOgnKNt841xzmrFU335Nwv4MMeqhhfg7_O7v1oVqL00a3REiupFrkdnPgpci1UltwD1zw395XpIbmkxedWmanR9khlH2uHIyVSh-PMS2FcrRAX9PWPqfME2TXiCS1NfccMXZEigiDPO2LHGO9ErNtXenJITlSZYrwl7zToQRUJvO0bmrpDfLXqEEhVS1Df4BajqSmbqwfHuJ-LN_f9zq7AWeGdomCtSJMqwqc0Qv-ibPK2lUlM2oE6bBMpBdr2Syw6ttvrSZS55uP2P4lYEQxxzPpdkaLWWqhlQORjxgDaSoQ&sig=Cg0ArKJSzHvtVNajGG4-EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EEB4 0
0 290ms
172ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 108D 0
0 220ms
176ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvBn5bPW_g9HKNanGaSgov21GzcgqzQKjx4fD1cw__ckQvEVp99J_B6e1hWiJfrBULyhy05mWNRSTgScBDBBk6OlJbg5YAo45ag87frWRtO97pwXEV128twJRsm1MXTjCpJKDneDeOj1E_O5G5aiX1zqbpyOCMkmd8CkK0WOg77R7MLgp0M2RGCIOoeO6OsDscA_0tNH1meP1xYABY3W2KpEtUwsKrPk5knEnXr3PnHqajCpEf9mfn0jSCxxos9pEHD2A_6ayWh4LXv_hvp-3shJ6oV-GtRiKAIyjrPKsAcpr1A4eeuKOiXD5_B9YTvqZVzEJk4G7ka1Yb8tqEp_nGLZmMgH5d3MrXhi5Ekydi1sROqEWVWXnlfvA&sig=Cg0ArKJSzBq8a_49bRU5EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 108D 0
0 402ms
178ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 25E4 0
0 185ms
176ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsth3h2QZ1rSPdIViYjdTEAZBHwfl-iFeySS_1BvCFpad0wUVlDYkZvlXdfYtY-bbSV3rXIr4DNFiMwDwjeHCD4iQQPZPoWJnZ-qzDpk4cQFDAA-jhVimcPW2UZpvNMcNQ1hfnncBc3QYiFG0i95DrOI4-hZcwNXSBUCcCqOtTEUG7gvgpTON7nYxrsdC7Gom03VLSmlQi51or2UbSXQGJSFzdZJwdfc0xHoExF_6VkLPC9fq82EvjgiASWzl7Z183ylTH8k9bAgYc245sNvJLdvz16aMHELS1cbkxds8LTwmWihQpDKe0SVV0-OKgBujzGb7yEDToX8nGBs8O5RYq7TZ0Xe2FnWXiPdRMzNR9etZdTLQBDd1nnRLGg&sig=Cg0ArKJSzA2WPkYRN1ylEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E4 0
0 581ms
178ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7DDE 0
0 196ms
195ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstSBgrppzIbpzd_WhqeZFy0OwKqE-jN0kfzfgpu74kjlYJ6T7iNdHD9Y-HI4g3fmPBzHqczS83Rrj_EBeb-SZ-hRGL7WWyZ6Yvk0lW9EDG5KuQtecF1_gQ9GjCv9Te0u8gsFzwx_WwJx37kFxSPpKhDXJ0_m4NgPZi0Mlxx_FXbfTPyOzGNT0HF1Zu2zlbvs--PAH0pBxtcb4wVzi0SGIsXYJXVFGYExPKuDmZ6FA-sUoUoG-Q78N5a3tht4bK6UyUXqX4C0riaInYkJjRH5c08AVloxOZ6n7Jb_NGHA8mLAtR88ht5V0z53cd_7BsQAcBA0C_SjEGAhyDd5G6JVhubuunK9otKH504Gi44TcVhfrFXbbYSix8-zw&sig=Cg0ArKJSzKpxMja87pM8EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DDE 0
0 726ms
173ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7E64 0
0 185ms
185ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvIj6B0NykOG3mRZOCm8bsKi2B9WmrVCMpX8ryNAPE2GX_6d1SFJpulzve2dDhRSzj70rb6J3nI3O8B682rBvHXTirCH_YUtFp5qaP3suqptVyuZc_tBuWJlBQJr0A0MuSppkt0mrI6hg83iWOkAO7SCXyrFgE4Xzb9ZfgiXmmp8rrsi1SogVolvS2OATnU55xeaKiuwlqMapCa7u0YLfOJumWN47NuDX3Udm1Zp6DKW18bVNHEnyKVwJvN0dwbL6UYeMF6Uf5QvAUjd2wKuplcYJv3xF_6zy64cwb_KB5M8TYWOfMe4fQ1VXvMTVnijWmcGPj8gBIVKPBNI-y3aTBTjeA0fi15DTu5ofN2N21TDXRF4NBJl_PeWnE&sig=Cg0ArKJSzDo39x5A7znYEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E64 0
0 863ms
169ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1791 0
0 176ms
175ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst12CqPDf8cZlLEwgAZ5q-rk9nvfEbEgeI6CaKV4kTw7ZXRLXII6qlbCEiM2zSt8OuPhR-ru_21LRF14fOFr4upY73cP4qAmWUg7HhsT_9YsrDTJP99mnDN7e2XYwZ_NOVFmKT-O3-B2O3PEpps27nVgDAPKMtVK02JiFvs-mrMgWmEU2YIAkoluh8x3qyBkJQDRbCRpNK9mhHxa7Q8v7Q_uFMfK5mbwVa3UMUlwaQOe3aEE0SsizE_ypgZLF-381PfRD5WZhWotDoQ2-gw_NvGnUibdjPomqdRnudm9q9MeT7vR42NpMHsBx1I9Xn809OZmiQ3mtomSpKTnSmCL0afiPIZ_zZf5lWLGP8UY0ACZFP0Sj2Z3rGCBA&sig=Cg0ArKJSzBsSatm0BShxEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1791 0
0 1012ms
169ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
0 0ms
0ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240707-12-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:44 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 284684
expires: 60

GET
H3 200 wp-emoji-release.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/ 18 KB
5 KB 636ms
634ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:29:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f3c1-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2FR3W5IFoQEiB3iKMqr2wFPspk1KVLjb5NUdAUlfYlPXLdI0JRc%2FIgjRsDWV3%2F0r%2BvS9KrK4MUyae3PjoFM0HSqbvehyLkQBiYbYBvZ%2B%2F9VR8LZHr7uQdfH1rNEgD8wTx0kc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8a0092e6692c66c4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1B55 0
0 192ms
183ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssbsKah7xP9W-3tonxIrFK5dMkfB0jBVjWxlzPgZFHTQjyXzHoeTppEeNXuLJaUtYLTnGqdVnAFMw4OHehw21xj4dxt29BLq0vC53BOrURppwb1t0BNhVefY00hXzkklEQ1Lp87cbwq5LwTLve5qD2As8J_PQNNRmreZ48n16ZNFm-SfMrhEMan6oWi6vbCfvNaneCQPgZZgDXhdSdUlESdKPDf8tjtaD0WqPbnzj0KsgWdNtffaCSUoVxztDAt3Bftpay8STo90Z-uSg2Sbw5Bc6D_iNoLsJLcOFSrYzRJ4xgJFFQGeTFUmSPEq7-HvbAMT3m5onwdf1qm_FnbllIxw04cO5z2PQg5QI6vMFr8L_NUMxvepLgm-k4&sig=Cg0ArKJSzFyNsI8N6u40EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B55 0
0 1052ms
168ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 25 KB
0 2ms
1ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/1-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f92e4e91880af852e0f5d85dec5e0bd99a3452bb57cb9843735b5075a86f385

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jul 2024 13:32:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6687f5ef-6550"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGcmICWtMh5zTFSAheuF21Pj%2BvC7mWZ6EBUi5Wv7f%2B6JWGdAlO86dfkBlDokwjI8GrjIBRqlAump1cwHsWxSBLugzgQ%2FeCaSP%2BqktUjdRUBq4C4lGNMRmOJ4Okpe2V8Pv2kD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc166c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 25936

GET
H3 200 Toyota-Hilux-Hybrid-156-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Toyota-Hilux-Hybrid-156-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 10:28:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e903e-3048"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KS0J3z9liAZlQr2GsBrlnQO8cy1Ua1OOLUfMeBE6ie5Eh3gnBu4Y%2Fmr2SeCpTvgxXdfkvNJOu8EcbzUsn3BSalAkwJH%2FD3cace0paIIEVBoFqWr7unWRheJ%2B7zPc9lwhQXxX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc566c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12360

GET
H3 200 F-3-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 9 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/F-3-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:09:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6674704b-2468"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yLQg8LQnG8eFC3Xwbqb4pdqILXsc2OCz7TrqCUKTlKlV0MHBpJlHklV1tlVY%2F0fKnDr%2BJ90lQ4FSNxjFjMYorwSDsZfDRawCD0LS8XuctjVlbmSdWFn0dFmhLPX%2Fzt5wbHt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc666c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9320

GET
H3 200 H-5-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 21 KB
0 7ms
7ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/H-5-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66747023-55c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSE3Bny9me%2FVqTSCMi18%2F2%2F6LCO7ZbxmmrsSciY%2BUW%2BERrpd5WQwsutI3%2B2J4VGvaEz1Lcmi33YEzqrr0XF3IWZW58LGu7Av58I6BMGqBNtcnLkfzIXvewDlUB6b0hkxzJax"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bc766c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21958

GET
H3 200 Countryman_1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 15 KB
0 7ms
7ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Countryman_1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 14:02:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666858f4-3ad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JwMxZ6Zls8Gif5BVWXye0F3zujpasAWtBe3LfECAkLVbWtSZhz5pxWZbGQ0W74AiKYgu6zT1bdOxQWI0jklCTSWufrC4tHws1iZFOvD9XAfXYtLnJ%2FTqIc4mTyrIw%2B%2FUb5sy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bd066c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15056

GET
H3 200 20240321car-8-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 11 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/20240321car-8-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 09:12:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666814e9-2bc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2F9UMAFQV%2FJxS5vKWXv5b0L0mfu7O4tdhcepcoRV1YwrHL8rA4bXWyqLIhLDB4lK7687h0zEbc4C6rKIckKGZVkG4%2B7OwPAPeYGKJ6yGWTkmX3Rc9vgpy12N47VP%2B%2BqrwmXz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bcf66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11202

GET
H3 200 VV-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 10 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/VV-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8d490fd9b2d65029f9c3ffd4e5fc299fbb9e4e3106c03adf81d24e9973d378

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 15:15:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66686a2b-2680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=midHu2ismfhHGzbLfFL5g4Dv29ozL4oggEFFW8jL8jpD75tjFqTjEHDIrphI0VipwdPQVkwJxa5IFYYU%2F6iQ08bH5OV%2FZwOaeLX6LkRj9bnnOKlv12EjGGA40dpPicZVg%2BTr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bcd66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9856

GET
H3 200 PP-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/PP-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee243c73addc0685d8bf52fe27cf4483488a8445f727e1cd4ddc3bd0fda866f1

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2024 16:36:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666b200c-37cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z99SK8NPldFNaiQDMPgXj2Kw2AtnJIZ8z5H%2BSWYLmEbmyVufyEAVUyYWSkXBL5rQfaqbAbDPJh2HDA%2Ftb3l67RrkiDCDBJSySSdxNQVidWaG3KFemkcO1iLNp2YSortab9F0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bcc66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14284

GET
H3 200 aqcs7zpv8bkyvoitifje-copy-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 17 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/aqcs7zpv8bkyvoitifje-copy-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Tue, 21 May 2024 11:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664c8c9b-4522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzMnlghVv0rnalLgAeXuTLNlxKGmGIMRdwPYBwblRkodIib76KqJyZjiZdNYu9fI7rBA2%2BjWjHcUaySY9c%2B0mphe0E5UT%2FdeQjcECCJagWf5OmYFl0u3KIIvsiPO52ji1DuD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bdd66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17698

GET
H3 200 P-6-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/P-6-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Wed, 29 May 2024 11:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665715fa-36a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8%2BtrFqrr7fRPWS3ztT9N4Ut4SWO2vwSv3IA8Q%2Bd3I2s0G5hH9IBkqPBNXtt4jUNKT2ImAoMxyZ0CaaJ0s%2FUk59kM0wXNlXHBL9MSUNUVRypChTtOytL8s3wKIcQXjwwnIhi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bde66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13992

GET
H3 200 20240502car-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 19 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/20240502car-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 10:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66506741-4c8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2B9eeD96sOzddF5zAI3wz%2BG3G9VDZKfBBmXWlHywXXnLpj%2BPbO3dbITwtvn7W0%2Bm1KI2MHuKFBx2PYtUOBVZP0LTBwB2syfrbZyKTnj%2FL4bZUNZ%2BjSfFk%2BSX%2Frt%2BzFFAwPN3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bdf66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19598

GET
H3 200 LDV-1-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/LDV-1-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664f5d9a-39a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umBIp2oty3CTtAaCmVUHjXi3M2Pb9%2BH8lk4RZsLHsoaWB%2BWoGuMoq8ww2RiS9LIJIMliQgenUABySxy7yIK5Ik%2BSs13LyT5Vo2gusUZr6ovWQlSeFYj3K8HwMwPrGRvG7%2Bhx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be066c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14760

GET
H3 200 M-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 20 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/M-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 08:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ca9a-4f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiSY9leZZ4MRYvcb4jc2K7Dk3RnCVIMLtlrZ5ScBogAoJP%2BZw4v3btSZTcI%2Fa9Rs5geboqUvVN8h4Z74IZAg2s8Bb6fXSP8f8k6vUn3JNFTLrJ70alfU6KywoMPN7KRpa7kd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9bea66c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20252

GET
H3 200 B-2-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 27 KB
0 7ms
7ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/B-2-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ce10-6a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSbnvmqu615CYVULNSCUW2D1oeOe%2Fy2HeP7w1ohZnCwyrcJdUVQBk2BqETt4cU2mkpCzT4Sv%2BE7Xm%2B0c9ePvMgykVo6Gsxmlj5G53aotXncETdxh6xACcRgR0IUycL7iN%2F%2BW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be966c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 27220

GET
H3 200 T-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
0 8ms
7ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/T-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6165e152a8800f0fac70adf9d459535cee60a2fb561c98f87db892d973c911e8

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:26:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d138-5664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCu%2B%2BpBv99o8env%2FGNVdf2lpmi0%2BnYwlIcVO3P9%2BMOJLFSXbld3hRB1QlfswflmBC7ESJGM2QtXpJTja8Mq39sJjZ4d0Y1jo4rM6qxUr17oYGLC8N5n4BmT8sjbavhIfNIfk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be566c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22116

GET
H3 200 RR-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
0 8ms
8ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/RR-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fbbffad8fe3133860095eb3648454c538d8343c106df9da38c0255c233457a

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d636-29c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gS1CbFEdNjtCQtqHWz2jrsiuoeI6YCY5xBYqC1dq%2FdoQOJiyWXS0X6sDoy4ptCzOTxH5GqWF8CfwZMcu9N6s%2Bo25fUSQAeee4bC5TV0gAqQbDNgnBFA9I4LNY1Co%2F07jsmLl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0092dc9be366c4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10696

GET
H2 200 2024-SILVER-Renault-Kwid-10-DYNAMIQUE-5DR-8072966-1-1000x1000.jpg
image.blob.ix.co.za/Used/8072966/1/ 376 KB
376 KB 488ms
478ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8072966/1/2024-SILVER-Renault-Kwid-10-DYNAMIQUE-5DR-8072966-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3636633f563460288a9b022b599a1d204dfdb7cde5bd399ed23ce3850105b7e6

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Wed, 03 Apr 2024 06:38:02 GMT
server: Microsoft-IIS/10.0
etag: "196467a9185da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 384546

GET
H2 200 2023-Silver-Renault-Kwid-10-CLIMBER-5DR-AMT-8062671-1-1157x1157.jpg
image.blob.ix.co.za/Used/8062671/1/ 429 KB
430 KB 495ms
485ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8062671/1/2023-Silver-Renault-Kwid-10-CLIMBER-5DR-AMT-8062671-1-1157x1157.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fedf79d11b2327ae2d35d7c0e3390f86b3a07036cec89f65c1e9293130c9b033

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Mon, 18 Mar 2024 08:09:22 GMT
server: Microsoft-IIS/10.0
etag: "5f157c95b79da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 439738

GET
H2 200 2024-SILVER-Renault-Kiger-10T-Zen-8160254-1-844x1000.jpg
image.blob.ix.co.za/Used/8160254/1/ 298 KB
299 KB 504ms
494ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8160254/1/2024-SILVER-Renault-Kiger-10T-Zen-8160254-1-844x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dfdd48303056a9528b872d9555ac33db34c7ce114b8e3dd0e93e56fbc956821c

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Tue, 02 Jul 2024 09:31:35 GMT
server: Microsoft-IIS/10.0
etag: "7031e0a162ccda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 305577

GET
H2 200 2024-BROWN-Renault-Kiger-10T-Intens-CVT-8118947-1-1000x1000.jpg
image.blob.ix.co.za/Used/8118947/1/ 308 KB
308 KB 507ms
497ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8118947/1/2024-BROWN-Renault-Kiger-10T-Intens-CVT-8118947-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1f7e5cdad9d492f7a468f1301c6443bfa386e66ef7b6a2789569152ec37fff32

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Wed, 22 May 2024 14:37:31 GMT
server: Microsoft-IIS/10.0
etag: "2197299455acda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 314931

GET
H2 200 2022-SILVER-Volkswagen-T-Cross-10-TSI-Highline-DSG-85kW-8071272-1-1000x1000.jpg
image.blob.ix.co.za/Used/8071272/1/ 357 KB
0 7ms
7ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8071272/1/2022-SILVER-Volkswagen-T-Cross-10-TSI-Highline-DSG-85kW-8071272-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2f78c68fc3d26045673e4daad5a261874d25cc3256ffaaf0a82194440daca03

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
last-modified: Thu, 28 Mar 2024 13:53:12 GMT
server: Microsoft-IIS/10.0
etag: "2c5a12461781da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 365710

GET
H2 200 2021-SILVER-Toyota-Corolla-Quest-18-Exclusive-8101331-1-1000x1000.jpg
image.blob.ix.co.za/Used/8101331/1/ 401 KB
0 7ms
7ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8101331/1/2021-SILVER-Toyota-Corolla-Quest-18-Exclusive-8101331-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3921e972d6cf890bf16129c336fecd293cc26265d7952a080ae91e888fb1a7f

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:45 GMT
last-modified: Fri, 03 May 2024 10:40:58 GMT
server: Microsoft-IIS/10.0
etag: "b52b162469dda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 410632

GET
H2 200 2022-WHITE-Toyota-Corolla-Cross-18-Xi-CVT-8156488-1-1000x1000.jpg
image.blob.ix.co.za/Used/8156488/1/ 333 KB
334 KB 513ms
504ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8156488/1/2022-WHITE-Toyota-Corolla-Cross-18-Xi-CVT-8156488-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44b1354c3c7c116ad99b90645b5bbc0228874f0af0a630d52b19eb09a7723231

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Thu, 27 Jun 2024 09:40:39 GMT
server: Microsoft-IIS/10.0
etag: "6c8d111276c8da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 341264

GET
H2 200 2023-MetallicSilver-Renault-Triber-Express-10-Express-LCV-8062679-14-3072x3072.jpg
image.blob.ix.co.za/Used/8062679/14/ 1 MB
0 908ms
899ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8062679/14/2023-MetallicSilver-Renault-Triber-Express-10-Express-LCV-8062679-14-3072x3072.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Sat, 16 Mar 2024 09:13:25 GMT
server: Microsoft-IIS/10.0
etag: "3880cc338277da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4000192

GET
H2 200 2022-Blue-Renault-Triber-Express-10-Express-LCV-8062672-1-1157x1157.jpg
image.blob.ix.co.za/Used/8062672/1/ 540 KB
540 KB 1069ms
1061ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8062672/1/2022-Blue-Renault-Triber-Express-10-Express-LCV-8062672-1-1157x1157.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a6b74bbb5dd724f2734337433562f22e30f88d946199379c8072b261340f623

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Mon, 18 Mar 2024 08:00:44 GMT
server: Microsoft-IIS/10.0
etag: "ad2fee60a79da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 552583

GET
H2 200 2024-BLUEZANSKAR-Renault-Kwid-10-DYNAMIQUE-5DR-AMT-8062627-1-1000x1000.jpg
image.blob.ix.co.za/Used/8062627/1/ 382 KB
382 KB 1089ms
1081ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8062627/1/2024-BLUEZANSKAR-Renault-Kwid-10-DYNAMIQUE-5DR-AMT-8062627-1-1000x1000.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 19fcad6bfec509ce8ea225bdc8a508bcf7aa15b0dcf74ff9f1503a01b35cd433

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 13:55:46 GMT
last-modified: Mon, 18 Mar 2024 09:16:18 GMT
server: Microsoft-IIS/10.0
etag: "e313fef1479da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 391230

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 89A8 42 B
65 B 235ms
234ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss99HgA1XbJHw8du8nkhFj5iKf1V55yaEiZJFCSP1Yhwm2qF-bgwyUAaAjd-U5LmxTZG-Ed7H_vDZTxhwTraWuka2tQ62So94J7_pbwlxURC3hpUVBnKwNi99_BQ4g7WHKIPcePULMKQ88bcN_AQ3qrL8COqDrKpr0F5MYcn0QJDYE&sig=Cg0ArKJSzLL8pWJLdOdIEAE&id=lidar2&mcvt=1000&p=190,1426,886,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2185212989&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1637974500&rst=1720446945595&rpt=367&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 108D 42 B
65 B 234ms
234ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVOv_4zeGsLslrkIfBST7lBBBh-yVQujTEdMnCt3qgFUfDsqWi9nARMZ3FZogmDF2fgdDGwY9dlK9mzveQAdQhIafVsxLMwie6ifaz4LAd0013ZJOogJE_AeP29i2sTHFiIJYZAS7RT3BY2USUJBYxzF6Tj5qjlqzou3BRKlpRBLs&sig=Cg0ArKJSzKPQxK7NRHW0EAE&id=lidar2&mcvt=1000&p=454,1074,704,1374&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=435244622&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1637974600&rst=1720446945617&rpt=453&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DDE 42 B
65 B 233ms
233ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSkPsBkGfwaU_Rf79Wu89xaJVvfTk1MM5c6CoAoE-bultMzuq5cIlsEvBb3IQse-MiLqpaW764-YCaKPiT_gJXczFmzdpb9ryLMu3vYCvCXRsbgff3QktKr5cTn88rUAZL1kmPyvsTuB_L9HMX4UxokJnLYuzBx6k-8twhbjcgDJQ&sig=Cg0ArKJSzO3omZeDwReLEAE&id=lidar2&mcvt=1001&p=190,0,886,174&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=979567663&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1637974600&rst=1720446945580&rpt=557&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E64 42 B
65 B 233ms
233ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszXmbQhHSusCg3a5QNTS8ReMvTrfIIHlStGur_QBMEp2g9TG6orhVJm9lOcvctclAh_po_E_0K-ASRKQV0bLU7_lDVghBXL5aUTuk7KpwCEeihe68w8bd69vNqj3dRjyjvxVt7pyU4DyYyOQ0H6PYOQ54TYUUloQY1F5L-ahXhGzg&sig=Cg0ArKJSzMo_H0-lrS50EAE&id=lidar2&mcvt=1003&p=99,436,189,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2558534381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1637974600&rst=1720446945607&rpt=563&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1791 42 B
65 B 234ms
234ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtdZw0EAxApGGopOzBay0emcl0Ta38S9sBxwGCQyVukBVQmW6TyosiYXIqS0wWbzZ_87yiDL2o5t8Ev3YgdBeY9roaEHV2z2IDirP7lU65FQEz5eNV-M9izj6ij-ASjsxNOn3gzrCj6OrpDxMN_MTvPMiJgQSdP4v7_y0ZOo7CGu4&sig=Cg0ArKJSzCag3Zwl-_nPEAE&id=lidar2&mcvt=1004&p=719,1074,969,1374&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=302933537&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1637974600&rst=1720446945628&rpt=564&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B55 42 B
65 B 234ms
234ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubx0j9pKxFLvY3f6vWM_fXJCysSqAmmKHBHAD5QO85doTNTAozOMiD3_EyntllzNxONBFkYOv7cjI8zF8ShlbE4Ag3pTYlVgXXDHut9TQgeNuHQx5qgiY09E2YZW3nBdxK90zYWApOwaPYFBeM4yKx3aMeESgEVmOmN_IBXI7ja5w&sig=Cg0ArKJSzHWm8AkeFxzkEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=25877906&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1637974600&rst=1720446945868&rpt=448&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 13:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bhuefbfrvbn.workers.dev/	1970-01-21 00:03:42	Name: _gcl_au Value: 1.1.1945906829.1720446945
.criteo.com/	1970-01-21 07:15:42	Name: receive-cookie-deprecation Value: 1
.bhuefbfrvbn.workers.dev/	1970-01-20 21:55:33	Name: _gid Value: GA1.3.257934053.1720446945
.bhuefbfrvbn.workers.dev/	1970-01-20 21:54:07	Name: _gat_gtag_UA_11411975_1 Value: 1
.bhuefbfrvbn.workers.dev/	1970-01-21 07:30:06	Name: _ga_KYLBT1M2BJ Value: GS1.1.1720446945.1.0.1720446945.60.0.0
.bhuefbfrvbn.workers.dev/	1970-01-21 07:30:06	Name: _ga Value: GA1.1.505424223.1720446945
.doubleclick.net/	1970-01-20 21:54:07	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cqty1.bhuefbfrvbn.workers.dev/(Line 2101) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://highburyads.co.za/www/delivery/ajs.php?zoneid=1599&cb=40944892961&charset=UTF-8&loc=https%3A//cqty1.bhuefbfrvbn.workers.dev/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
c2fee64726ff3dcf87809d402f7ffa1b.safeframe.googlesyndication.com
cdn.taboola.com
cqty1.bhuefbfrvbn.workers.dev
dctboyojy.578333.xyz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
highburyads.co.za
image.blob.ix.co.za
l.sharethis.com
pagead2.googlesyndication.com
platform-api.sharethis.com
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
102.130.121.238
142.250.181.227
142.250.185.162
142.250.186.100
142.250.186.130
151.101.129.44
151.101.65.44
172.217.16.194
172.217.18.2
172.67.216.21
188.114.96.3
2001:4860:4802:32::36
2600:9000:2127:e800:c:abe:f440:93a1
2606:4700:3033::6815:4e37
2606:4700::6810:4f49
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c04::9c
2a02:2638:3::c
3.69.40.101
65.9.95.36
014010751394eb4042ba71e6262ef497028912a287eaa01fa9fa82c96db3742d
038bd21e20a795956bc2d76c39c26c38247beb41cb859a05aaea1c76e027ebae
066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182
0a6b74bbb5dd724f2734337433562f22e30f88d946199379c8072b261340f623
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0f92e4e91880af852e0f5d85dec5e0bd99a3452bb57cb9843735b5075a86f385
112748ae973bead369b416cd0ba70c9aced54c043c4be5b43401e998426580b7
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19fcad6bfec509ce8ea225bdc8a508bcf7aa15b0dcf74ff9f1503a01b35cd433
1d0bed49d934e674865b67fa29c984cba773316390c25a2831c88073da58dc2d
1e3fa10dc820a119caefb5ee3860acce7f3c2cdf78cb80b73fca89094abb24c1
1f7e5cdad9d492f7a468f1301c6443bfa386e66ef7b6a2789569152ec37fff32
1fca89b20705c6970617e9f5a3c18bdfd40ae1dd066d645deaaab856f91a1f3f
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
25068766bea3ae98004f63d12d9145633c4916f32ce252431ac10406725dbd74
2567b63dccdb21c400fd427937bf5b58893b4d17d1e5c047c308f3f5fea0de37
2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1
28bfbe8a58027f433d124e1ded7ea900d08a5f73354359775626a9deed907386
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2
2c908805bb93ed91ca0f9fcd6cb213315d350d3dd826fac4e31e268d96a80b63
2d72616ad0a367087e407d65b6eaa0df759a4c5f1c36cfb6d4899307f155c81a
2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074
30eba624890629f7fb30b4fc8a361b0dc3a7b161e9acf0330d2ac47bbf1006c3
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
32e593a2d68a24dda32f9c841233d5ac706fc575f582350fe26e043ff7bb1783
3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c
34d0c43ac6f03c6acee53f2edc211517edc33a6f1ef06ececc83d6eca33c608c
35825e2b5d8f38b406c8c0555ee5f6414956898641b7bedb67bbd8f776946748
3636633f563460288a9b022b599a1d204dfdb7cde5bd399ed23ce3850105b7e6
3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156
3caea22bb39112951c5f10b8c6b94149f08e48dcbe3b23619adf6a02bc8e2da7
3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a
3e37441765bb9324e2af8077194a2f0185d0c821ab2996edde7bc8328bf92d29
40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a
4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f
42128027b82394dddc5828393482b9699e126249f79f647f28a249e39b029607
42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290
432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
44b1354c3c7c116ad99b90645b5bbc0228874f0af0a630d52b19eb09a7723231
476f713d39d370558402964f702894f0514a83e744c32f8c05bcda27bb118bca
4a213644824687bdb789ed24531180f6b9a91f80482a980f91c60547a09c3258
4afb07a576ad56e9e95c56167d9334061db42900677bef2585a33df4d4e28aba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5012542ef03c024f84bb5d2b0413fa110fd14533fb2a6473cd264b4df145cd44
50af957b9bedb343bf0cea4f4dc08b16aef7861d2890324adea73189105cd978
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5473248018f348cf42cd64f7768873a9b3deac3ca579e8c3a9d69feb0a4deb3b
5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1
5b627bc5ed3197d1eea12ffd9de8536c5bdab9ed3cc307ff4f51a081d4c6dba2
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b
6130cfa42d00cf9223a5bbc4310619eb81201bce28922cef573fdb8ebb95e2ee
6165e152a8800f0fac70adf9d459535cee60a2fb561c98f87db892d973c911e8
647f9f85c5c0cbe0e6cc412225e043fc7abe5227cd1f148e39cb4ae560fb148a
65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f
664940e70b22e4179c97dd19ebbe17ea6758e543de6160bcb189fbe8cb4bf4a4
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a
68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a
6dcd4d59cb7a9228d46fa021bd9e71a27f5e523262af8ed404cacf23a646080d
70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48
716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0
72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99
744267d0ad832cbc545f4f9bd5cecd0cf51a0ed600fcca68883255dd0fc55591
754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e
77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4
78fbbffad8fe3133860095eb3648454c538d8343c106df9da38c0255c233457a
7dec8257bc2f97f66b8e9b2bc91bb6b73304596fd9c0e6693dd857ffa1b23d9f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8352b5b204ffd4c0f6946891dc9210b0973c001401e74f8f84d850d42e601726
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bb57fcb37c5f411c45ac7ceef54cebe0e8550e0f766052e6f001b64f279f3ce
9642e72ab2d4621ecd3ebdfbc35330a9dfbd7356fd5343b022d3ce1c4d30783c
98496a884fd063ea8c90a862cee44986f6c945b33748f5967a775f01a65fd570
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9efbb9bc93157ded8e59a37cc2c3786fe95706201a488692fdac00b8579662f1
9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11
a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be
a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df
a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8
a5149b5a78e38c4c320ad29c3da824fb90741c8baff03cb322895316467d1a96
acf855a10023b75eaa51024dbcca5294e93b2af1cde2217194e98706824e6d7d
b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e
b47ff5860c7ae685f8910dd1ca023c517603c8f3f408d83da450db63868a8bef
b8a2eb068a42de22eee0dfb6173e802bbdb065b2cbe08c926952d8f11a22dd4f
b9a5013374693c76df7c594affb3623b73d5df88bcbf925971e62186298ca9d2
b9c8443e144d95f5b8823da366dd8dae7ca048aef8a795f2409549a64f3e3952
ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69
bb18cfce09669017a9ff75a912366a897f654d0c32f4b2ecb7112efe3f68c7cf
bb886e109d443b03c41bfed1c276a7ca5de30bbe60949d7c23b54c0bb6af2337
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c1438b7405eba426d534e4fb05a5dac264bc2d6b4e9cd05f7b8af32d225170ce
c1b0f6dee1e2b4b439e62daffe536db30431a1ca3d0628aa134b6ed7d689b91b
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c69f5786e5a533373cb05708984f7a43045904d333bcbb50fb754659eaeddef4
c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d6c6f0dedaa5f80bc141cdf9f6ba2b085ecd8781e6fa2e163ad33ed51c4b565a
dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d
df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a
dfdd48303056a9528b872d9555ac33db34c7ce114b8e3dd0e93e56fbc956821c
e1ce0ead5458e276a5ebd4ee30d8042e95108571cd3dcb208bea93bbaac3de71
e2f78c68fc3d26045673e4daad5a261874d25cc3256ffaaf0a82194440daca03
e3921e972d6cf890bf16129c336fecd293cc26265d7952a080ae91e888fb1a7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a700630a179fb4e70f040a3dcb2334833dce7788f25a09f64542557615d41e
e8ecef3343b1c3ef1af65add1ac283278f80aa021cdc4a12f746bd77bdc96c10
ea175c29224a838ddf9e61be79276ffd6cee40df20566b647be41ac0c326bdcd
ee243c73addc0685d8bf52fe27cf4483488a8445f727e1cd4ddc3bd0fda866f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8
f928af9ebf371d1f0a1063fe35b1d8c9635e9166452bbc1eb6fd9c2118c81acf
fa8d490fd9b2d65029f9c3ffd4e5fc299fbb9e4e3106c03adf81d24e9973d378
fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314
fedf79d11b2327ae2d35d7c0e3390f86b3a07036cec89f65c1e9293130c9b033

cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

206 Requests

99 %HTTPS

52 %IPv6

18 Domains

25 Subdomains

27 IPs

6 Countries

7231 kBTransfer

15423 kBSize

7 Cookies

67 Outgoing links

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

99 %
HTTPS

52 %
IPv6

18
Domains

25
Subdomains

27
IPs

6
Countries

7231 kB
Transfer

15423 kB
Size

7
Cookies

206 HTTP transactions
9 data transactions