foxybot.win Open in urlscan Pro
2606:4700:3032::ac43:c61d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://foxybot.win/
Effective URL:
https://foxybot.win/
Submission: On November 15 via api (November 15th 2024, 12:55:27 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3032::ac43:c61d, located in United States and belongs to . The main domain is foxybot.win.
TLS certificate: Issued by WE1 on September 29th 2024. Valid for: 3 months.

This is the only time foxybot.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3032::ac43:c61d	() ()
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
49	11

20 2606:4700:3032::ac43:c61d (United States)

ASN- ()

foxybot.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	foxybot.win foxybot.win	17 MB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127	196 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	4 KB
6	gstatic.com fonts.gstatic.com	67 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 530 ep2.adtrafficquality.google — Cisco Umbrella Rank: 539	19 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2944
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 743	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 275	11 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	109 KB
49	9

	Domain	Requested by
20	foxybot.win	foxybot.win static.cloudflareinsights.com
8	pagead2.googlesyndication.com	foxybot.win pagead2.googlesyndication.com
7	fonts.googleapis.com	foxybot.win
6	fonts.gstatic.com	fonts.googleapis.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	foxybot.win
1	cdnjs.cloudflare.com	foxybot.win
1	www.googletagmanager.com	foxybot.win
49	10

This site contains links to these domains. Also see Links.

Domain
discord.gg
twitter.com
instagram.com
youtube.com
www.tiktok.com
github.com
cakeyfox.live

Subject Issuer	Validity	Valid
foxybot.win WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://foxybot.win/
Frame ID: 6EFDC7A52AFA14A852711110AD3F5723
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html
Frame ID: 05E59CDD0D13425D657269AC4313CADE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731632110&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffoxybot.win%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aifgd=1&aipaq=1&itsi=-1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110256&bpp=2&bdt=865&idt=105&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4508325097976&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=142
Frame ID: FB3B56183EC676D64605DC1C19119622
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=280&slotname=9688545926&adk=944291198&adf=1795251393&pi=t.ma~as.9688545926&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1731632110&rafmt=1&format=1200x280&url=https%3A%2F%2Ffoxybot.win%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110258&bpp=4&bdt=867&idt=345&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=351
Frame ID: 446B2DD7B1D07A7B60675EA0D9A420D5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=200&slotname=3945709430&adk=3002260463&adf=289864595&pi=t.ma~as.3945709430&w=600&abgtt=6&lmt=1731632110&format=600x200&url=https%3A%2F%2Ffoxybot.win%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110262&bpp=1&bdt=871&idt=360&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=500&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=362
Frame ID: A9D5827ADF1DB04510E053DD021B8B24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=200&slotname=4422816610&adk=3636437647&adf=2973209031&pi=t.ma~as.4422816610&w=600&abgtt=6&lmt=1731632110&format=600x200&url=https%3A%2F%2Ffoxybot.win%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110263&bpp=1&bdt=872&idt=370&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C600x200&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=500&ady=1968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=372
Frame ID: 5B039641C62B09EC02C5731D66DDD9B2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=200&slotname=1511117782&adk=469732602&adf=1905706653&pi=t.ma~as.1511117782&w=600&abgtt=6&lmt=1731632110&format=600x200&url=https%3A%2F%2Ffoxybot.win%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110263&bpp=1&bdt=872&idt=380&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C600x200%2C600x200&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=500&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=383
Frame ID: 7379187A7A2B5D6E0F877FC8BDCB4919
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 70C370ECD56F1CC1748D3320A69B7392
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Um simples bot multiuso para o Discord

Page URL History Show full URLs

http://foxybot.win/ HTTP 307
https://foxybot.win/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

49
Requests

98 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

17479 kB
Transfer

18186 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/cafofodaduda
Title: Cafofo da Duda

Search URL Search Domain Scan URL

URL: https://discord.gg/fhany
Title: Servidor da Fhany

Search URL Search Domain Scan URL

URL: https://discord.gg/Q9BzXvHbpb
Title: Cafeteria do Sally

Search URL Search Domain Scan URL

URL: https://discord.gg/station-coffee-772182631798276158
Title: Station Coffee

Search URL Search Domain Scan URL

URL: https://discord.gg/gMz858Zahf
Title: Red Dead Brasil

Search URL Search Domain Scan URL

URL: https://twitter.com/FoxyDiscordBot

Search URL Search Domain Scan URL

URL: https://instagram.com/foxydiscordbot

Search URL Search Domain Scan URL

URL: https://youtube.com/@foxydiscordbot

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@foxydiscordbot

Search URL Search Domain Scan URL

URL: https://github.com/FoxyTheBot

Search URL Search Domain Scan URL

URL: https://discord.gg/6mG2xDtuZD

Search URL Search Domain Scan URL

URL: https://cakeyfox.live/
Title: CakeyFox

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://foxybot.win/ HTTP 307
https://foxybot.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
foxybot.win/
Redirect Chain

http://foxybot.win/
https://foxybot.win/

29 KB
13 KB

651ms
624ms

Document
text/html

2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to

Full URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6f55a2469c2c16679b88a3d331658972902ce6ea336022e1072f6f5a8c9f8388

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e2b4627b968dc58-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 00:55:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkz3qRmXNpSJ%2FFjSZoytbNc8y6cVbo1xtQNf3L8ieGIMRmK7z%2FYBP0zxq2AS72lS1hDHNroVAEGJAxLfHwjFrb5KkYACeasw0CLdoLSYBVdjDjFV1hAH4hC1B2S6KOjEwOgiDhlpTn9RkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=10895&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4186&recv_bytes=4473&delivery_rate=874&cwnd=12000&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=633&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by: Express

Redirect headers

Location: https://foxybot.win/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 header.css
foxybot.win/styles/ 6 KB
3 KB 652ms
652ms Stylesheet
text/css 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to

Full URL: https://foxybot.win/styles/header.css
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f029955f3501d766312e30d97b674eb61ba357a9f95ae0d6ebf1abb1fc741f41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: zstd
cf-cache-status: EXPIRED
etag: W/"1959-1932caf4bd0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4DBGEHzdsP58JINX7%2FEu%2BMKVIT4Ck466kwTG%2Fi0dTDsXhlUIic%2FHE8lH30uzJXYJ1Hc77BKQDA1KymH7RCXt4YDPHl1CXMY7bZvHbYRaztt1Ub4ywNKqFf7Vde2d57eYJb%2Bgd32xBtChw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8800&sent=35&recv=27&lost=0&retrans=0&sent_bytes=24378&recv_bytes=7252&delivery_rate=1026837&cwnd=12000&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=1300&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 21:58:26 GMT
priority: u=0,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b462bbd91dc58-FRA
x-powered-by: Express
server: cloudflare

GET
H3 200 footer.css
foxybot.win/styles/ 4 KB
2 KB 639ms
638ms Stylesheet
text/html 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to

Full URL: https://foxybot.win/styles/footer.css
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 99bbfeaa6a117a1af3439875d7adce2f0072f519dae7e7271ecc29d85f71e2ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45vINBEVvKMLA9GatSVQZ1eAqoeAA%2BQZouPSVCnN5Qs44CnVwQHM7JGC1LuXK7UQIttj0Z94Ps51I7VskOlMNx7x5iDy4Gsk4TfWZZDti0RfOQeNGb%2FXnGGTaYwcQp6joor5WUZLWdYz6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e2b462bbd93dc58-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8577&sent=28&recv=22&lost=0&retrans=0&sent_bytes=18691&recv_bytes=6657&delivery_rate=70544&cwnd=12000&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=1286&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 main.css
foxybot.win/styles/ 10 KB
3 KB 642ms
642ms Stylesheet
text/css 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to

Full URL: https://foxybot.win/styles/main.css
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0ed035ca2b218c2e2f52ec259e4c093f7d73af317beccaa3f1bbdfbdf9e6f052

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: zstd
cf-cache-status: EXPIRED
etag: W/"2734-1932d0518a8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpR%2BMWUdCSmhPPCTejSRdvIdxCv66F0DmGb3%2FrU%2BZG1S1kTXYKQigZRK186Th7pai7De6i6vmBYNTqn1Hw4tFI96ywB%2Bb7LJN0Q4uAWBeKPeW%2BhPSliOzpg6p0EZQH%2BCAJIzEktiPP%2BwgA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8577&sent=30&recv=22&lost=0&retrans=0&sent_bytes=20897&recv_bytes=6657&delivery_rate=70544&cwnd=12000&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=1291&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 23:32:09 GMT
priority: u=0,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b462bbd94dc58-FRA
x-powered-by: Express
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
109 KB 76ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E3J7N4BP8L

Requested by

Host: foxybot.win
URL: https://foxybot.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25dcf66bc9074ffe8c6e064c4ad6ca3faf53e5e80104cb35d21b3b6882f9e839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110410
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 30ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: foxybot.win
URL: https://foxybot.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "613fa20b-28de"
age: 25441
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHlpYnlo7hRxlvQioegrouCMtg6WWXlcR6zPsE3riZb%2BajuvBmJPTQ2UXREPRDriSxnfxovBRDhZmjr07CqFrFB9a1DiNXOZCitFOPndj7wrwX27sXk%2BB0Tq%2BteSOlaOksxd%2FsPV87IKe1U03igU5Nlv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 00:55:09 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 00:55:09 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e2b462bcedfd29a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10462
server: cloudflare

GET
H3 200 Foxy.png
foxybot.win/assets/images/ 4 MB
4 MB 938ms
937ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/Foxy.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f6f0abde7b7d6eeb5d0f283e96f1dc5bba701395b9956f5bea3ec2be807a1a08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: EXPIRED
etag: W/"392b87-193223be6c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIAGEGak0883u%2BhAcxtriMIbwOOtdPFDKRMKop%2B6w3oImCo1Er100%2Bm7aW0PoEl9GIYt4a21ZNImdJE0%2FIylFvthzfd42%2B3UCMOZZm3b5QYnYQdQ31IetNQrAFe7EIasd9GwYNJBB6xpEg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8473&sent=41&recv=40&lost=0&retrans=0&sent_bytes=27203&recv_bytes=11988&delivery_rate=414822&cwnd=12000&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=1584&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b462bbd97dc58-FRA
accept-ranges: bytes
content-length: 3746695
x-powered-by: Express
server: cloudflare

GET
H3 200 HeaderMobile.js Show response
foxybot.win/js/ 507 B
948 B 638ms
637ms Script
application/javascript 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to

Full URL: https://foxybot.win/js/HeaderMobile.js
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d08f3e1c08d4e6fa13a4f9de737a8554974e862e54786aef6a655c4c676ac731

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: zstd
cf-cache-status: EXPIRED
etag: W/"1fb-193223be724"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mt32TobfCqvOV9r4KriRgFXbTQnHuy6omvRoZ6Ta9jpUUos8SYX%2BK52QphdQJXfmk%2BUOeSdMK3L%2Bs%2F7Q9fJUEBhYpXXRDS5Rsl2j3IvzAIbyLTmRM82pWzVv0pTQehRbHvToCm8j9b9lrg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8577&sent=26&recv=22&lost=0&retrans=0&sent_bytes=17696&recv_bytes=6657&delivery_rate=70544&cwnd=12000&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=1286&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=2,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b462bbd99dc58-FRA
x-powered-by: Express
server: cloudflare

GET
H3 200 logo.png
foxybot.win/assets/images/ 67 KB
67 KB 948ms
947ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/logo.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a1d10a232070671d1974be0e2b99396cb55054a8f77c36a654ff51649bb6fbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"10aa4-193223be71c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dq9HQaJHvFNYo69eGe81g7%2ByregJgOzJAWmzQmaS8LAuYIyb2JD81kK7nR8jkWqxWnwd5RSIvdx5jsad%2B%2FzcG8giPyuurqHjQUgv57Aco5Bq%2B4wMNkbTOHQo3oH%2Frshw8uRqqPLTYC03Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8743&sent=950&recv=149&lost=4&retrans=4&sent_bytes=1105948&recv_bytes=16876&delivery_rate=891666&cwnd=185640&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2233&x=1", cfExtPri, cfHdrFlush;dur=6
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b462fb977dc58-FRA
accept-ranges: bytes
content-length: 68260
x-powered-by: Express
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 55ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7726590371480649

Requested by

Host: foxybot.win
URL: https://foxybot.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

939451157664c9db28a95e88c65be3117ac6dd6ef0199035123ae18d2daff494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://foxybot.win/

Response headers

content-encoding: br
etag: 4629111946008342781
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53455
x-xss-protection: 0
server: cafe

GET
H3 200 tropadaduda.gif
foxybot.win/assets/icons/ 5 MB
5 MB 962ms
961ms Image
image/gif 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/icons/tropadaduda.gif
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d2675484259ca192bf6fadb7d1a4ae98f48c2705ef34f0d3f084e26fbe2e55d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"4ff329-193223be6a4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qMkDU1zjzwQmrqp2QRC79IjlhsvXhqezTRJYEw9sT%2FapyptzZegffz8YmB7oWdNdsQ19yUio6BVO%2Fr053l41ugLcch%2FLex7V3y%2BFRju2PZWrwOAc7DPJJXR1mXrEohky3tSyuFS43s8lA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7066&sent=1354&recv=211&lost=55&retrans=55&sent_bytes=1573445&recv_bytes=19774&delivery_rate=9790502&cwnd=131147&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2326&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:11 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b463039f3dc58-FRA
accept-ranges: bytes
content-length: 5239593
x-powered-by: Express
server: cloudflare

GET
H3 200 fhany.png
foxybot.win/assets/icons/ 376 KB
377 KB 1074ms
1065ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/icons/fhany.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3ae62b7f7140f1d31a5951271b4fb00c57b28af99695e66463fc036d8d2236ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"5dfe5-193223be5d4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2blk2yulD25N9SHPcI5E%2BQPr2tEl6JldPhcPVmDC00xEYWSYqYzpDB%2Fb4ato0zggeAhUa3Ijv5nXW0NJyty%2F7wLsJTutqFJZ9IDqcmqtCUOlqKWxvv1LOxg93Ma1f0%2BiTTEOL23d2d5VQg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6598&sent=1692&recv=235&lost=55&retrans=55&sent_bytes=1974216&recv_bytes=20856&delivery_rate=19886727&cwnd=132347&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2438&x=1", cfExtPri, cfHdrFlush;dur=2
date: Fri, 15 Nov 2024 00:55:11 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b463049fddc58-FRA
accept-ranges: bytes
content-length: 384997
x-powered-by: Express
server: cloudflare

GET
H3 200 sally.gif
foxybot.win/assets/icons/ 2 MB
2 MB 962ms
952ms Image
image/gif 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/icons/sally.gif
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a75acc5a42e1d9fdb50bc2f2b89427a52988089d6480f1c71aa799cb191f0e81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"208b23-193223be5f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9FHDT2VmCCQroDUjem9dsF8YEDx%2BPTk7pRgay7ZhnAHe1oj%2FbkJpW2gzeYaRqX%2Fej8XFSr4LMbFUi%2FG945x%2F%2BWpt7sVVpcIS8eElRCD9lH%2FTeuxAW4lLbcHSyE7HHZR%2FLcmX%2FWoNSK7Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7066&sent=1381&recv=211&lost=55&retrans=55&sent_bytes=1605530&recv_bytes=19774&delivery_rate=9790502&cwnd=131147&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2327&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:11 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a01dc58-FRA
accept-ranges: bytes
content-length: 2132771
x-powered-by: Express
server: cloudflare

GET
H3 200 stationcoffee.gif
foxybot.win/assets/icons/ 4 MB
4 MB 1088ms
1078ms Image
image/gif 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/icons/stationcoffee.gif
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f39e7e24cc8c7e11bda80a9666b52ff8e02a3033a4cb958a36165d4989cfa87d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"4029ed-193223be64c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6zpdzQNAnpFxtH4rcW5RrAGxI2nvtVHMiumD24xSPMn6xxz9QyYNxzK%2BHjxDUsP4Vl%2FIAfHmBMxGSsrawrWLjHKbxLpbAWIrTeKvmD05%2BKtoT4%2FjwywsIAb%2FvJE9VeWf%2BpoRkP3J%2BFQJtA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6658&sent=1673&recv=233&lost=55&retrans=55&sent_bytes=1951416&recv_bytes=20766&delivery_rate=20180752&cwnd=132347&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2436&x=1", cfExtPri, cfHdrFlush;dur=2
date: Fri, 15 Nov 2024 00:55:11 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a03dc58-FRA
accept-ranges: bytes
content-length: 4205037
x-powered-by: Express
server: cloudflare

GET
H3 200 raposas.png
foxybot.win/assets/icons/ 163 KB
164 KB 1065ms
1055ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/icons/raposas.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: eb405e51e2cb60541d8d14745dae6f87a1ac7986fc223510b160188f049f0687

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: EXPIRED
etag: W/"28b42-193223be5dc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQpLSXSBL6JVnEeud6SMFTih2iuAPVqBW47oGA1ascT5gPlm3%2BeysEAq2mtZJ7mYS8b2PG%2FDCLFQ8fOND1J2Y%2BfL5Rd%2BBoZV8IM10zciPP5UExaCm3KGLkRsTKjiWM8JZxaerKlGbZrNxg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6699&sent=1561&recv=222&lost=55&retrans=55&sent_bytes=1819069&recv_bytes=20276&delivery_rate=17906316&cwnd=131147&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2429&x=1", cfExtPri, cfHdrFlush;dur=3
date: Fri, 15 Nov 2024 00:55:11 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a06dc58-FRA
accept-ranges: bytes
content-length: 166722
x-powered-by: Express
server: cloudflare

GET
H3 200 entertainment.png
foxybot.win/assets/images/features/ 17 KB
18 KB 784ms
775ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/features/entertainment.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c93e92fcbd8d6142769e3410e70137ea2fb9e5b010a58770b2226f0ecbbc61be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"4478-193223be708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7y2TRvJ7LnuuNa0%2FauTc6I8qHfGbRxFpy1LhzdMPs%2B4nIomyVllIjBgDfzosNeGOz9rFcOS89rEl3RxHnnI1YeZwHTsLDoF%2FGn%2F9uRk6q9r%2F8V2QkRIv74cwREwJDvkVidSFsk5E8CDrg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9679&sent=774&recv=143&lost=0&retrans=0&sent_bytes=897039&recv_bytes=16598&delivery_rate=6725149&cwnd=265200&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2151&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a07dc58-FRA
accept-ranges: bytes
content-length: 17528
x-powered-by: Express
server: cloudflare

GET
H3 200 automod.png
foxybot.win/assets/images/features/ 15 KB
16 KB 895ms
886ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/features/automod.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ba013e7bfbd6f4511b4ce936b459c28b7e07d36f9bf1f7fcf32b57a74148447a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"3b9f-193223be708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFH%2BV0v6N6cBtoupxP5JVQIOFt%2B9Yr6PH9aCe6pnIaZCjRUC1l2igtSX5Jg4%2BJM%2FinsQTccbYP1q7FaNHVYCK4dzkK0OQADWsDzzmkrDifzLWIs3d0OJsN9%2F3XV0jjavKliAlGM0EpNq1g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8743&sent=950&recv=149&lost=4&retrans=4&sent_bytes=1105948&recv_bytes=16876&delivery_rate=891666&cwnd=185640&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2235&x=1", cfExtPri, cfHdrFlush;dur=4
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a08dc58-FRA
accept-ranges: bytes
content-length: 15263
x-powered-by: Express
server: cloudflare

GET
H3 200 profile.png
foxybot.win/assets/images/features/ 15 KB
16 KB 899ms
889ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/features/profile.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 16abca0f366e3ab7ee649e7f11c95dcddebc43214ed62ee0c0a82b8cc6d8953e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"3ccb-193223be708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtfRMJQFztIv9BC60lyZcvziKRF6mClgrHmp3qqf80Hv3H1lcRlL2mMImOT8oVVF468PSNChAn7ZBWd%2Fp%2FcUN1T1yFrBh8TCzmTRFYdTKzeH%2BJOW6xh%2FbK8Qg1mERIkqwP6or5Aytp060A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8743&sent=950&recv=149&lost=4&retrans=4&sent_bytes=1105948&recv_bytes=16876&delivery_rate=891666&cwnd=185640&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2235&x=1", cfExtPri, cfHdrFlush;dur=4
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a09dc58-FRA
accept-ranges: bytes
content-length: 15563
x-powered-by: Express
server: cloudflare

GET
H3 200 economy.png
foxybot.win/assets/images/features/ 20 KB
21 KB 860ms
850ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/features/economy.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4edf0fa9a4b28899de32bc3658132c50e3df9e49a6d8b5fdb6cffaa560280d44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: MISS
etag: W/"4fa9-193223be708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFUfKfIr4spksMLvN6NadRKa8Z%2FyFwtulP0Me5SBUGVo3lg1uVzE98p%2FTXFPs2gesVV46DjIktrm%2FycAPO7KENL31ggef3p5KnhJOwDn8cNvKkAF2A6zvyyo6bCHfC2%2FEYJuCnhqsfVsqg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8743&sent=821&recv=149&lost=4&retrans=4&sent_bytes=952585&recv_bytes=16876&delivery_rate=891666&cwnd=185640&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2226&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a0bdc58-FRA
accept-ranges: bytes
content-length: 20393
x-powered-by: Express
server: cloudflare

GET
H3 200 your-server.png
foxybot.win/assets/images/features/ 14 KB
15 KB 858ms
848ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/features/your-server.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 628ddc684c245a2ebb06fcb20a61d35195d67ca53f84160d4baaad108ab80056

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: EXPIRED
etag: W/"38a2-193223be708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1I9GZnLlxs3bKYpJFbxXDfQ9jU1EdXk8KzCU1RJ38%2Bo2sWm3lzJql4TVJeH9F9Bl132QHo%2BXFYVtPFj%2B6YIPLBgzRGc1dr76Bs377ugVB2bKY9C%2F2dSZ6q2Cszm%2Fz53sTfVxHxuvFiqJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8743&sent=794&recv=149&lost=4&retrans=4&sent_bytes=920308&recv_bytes=16876&delivery_rate=891666&cwnd=185640&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2225&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a0cdc58-FRA
accept-ranges: bytes
content-length: 14498
x-powered-by: Express
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 60ms
23ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: foxybot.win
URL: https://foxybot.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://foxybot.win/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e2b463078391965-FRA
access-control-allow-origin: *
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 2 KB
691 B 51ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500

Requested by

Host: foxybot.win
URL: https://foxybot.win/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71277bd4c49ab6711d6263b019b28c27ee3b6c932e12c8b4775e7d1b679bd46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:35:26 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
662 B 50ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: foxybot.win
URL: https://foxybot.win/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cac8b9784ba1bb5d7a7b66f0cec55d996907b73ce993138ab998d8b05b11ffea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:35:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
568 B 51ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Muli&display=swap

Requested by

Host: foxybot.win
URL: https://foxybot.win/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e113a81dfe19cf1728fcf791c43b8b1ddcf36947a560ea77b51884c7c2f9a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:55:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 400 B
379 B 51ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cookie&display=swap

Requested by

Host: foxybot.win
URL: https://foxybot.win/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f15f6eb9119d50eb6208f6f30873c80c99dac08bd3ec16a77f602daa0dea83bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:33:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
924 B 50ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Requested by

Host: foxybot.win
URL: https://foxybot.win/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0fa0659c1b40c0189485f6a1825743d0e4f35e4232a0ada5f752924e679dd17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:27:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
649 B 45ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Pacifico&display=swap

Requested by

Host: foxybot.win
URL: https://foxybot.win/styles/header.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10d21f220be03362ae3ba40a5471d7626aee30ed40b546f369ad1e2645fe7d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:29:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 818 B
477 B 46ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: foxybot.win
URL: https://foxybot.win/styles/header.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:30:26 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 background.png
foxybot.win/assets/images/ 1 MB
1 MB 1078ms
1076ms Image
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foxybot.win/assets/images/background.png
Requested by: Host: foxybot.win
URL: https://foxybot.win/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bd9b4d79d9483249e2350bdb53b00670dd50597e51810b2e959cd2c2a0756fcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/styles/main.css

Response headers

cf-cache-status: EXPIRED
etag: W/"157e20-193223be708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2F9PubGq3W38pnq%2FN%2FmV8i%2BzzOuUkj4LUg7d2aFVVuDvoSRedv2ycUpz9Ql5DY05x1wOTlfZ8SLYOYCW0m3aqkzG1uV%2F0BZ5axVJwi2vkoW8fIFMKSx7ICNXXgPI2ucTCf7hHgJANtt42g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6576&sent=1663&recv=232&lost=55&retrans=55&sent_bytes=1940034&recv_bytes=20721&delivery_rate=18429302&cwnd=132347&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=2434&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:11 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46304a0ddc58-FRA
accept-ranges: bytes
content-length: 1408544
x-powered-by: Express
server: cloudflare

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 42ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://fonts.googleapis.com/

Response headers

age: 120251
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:30:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:30:59 GMT
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12276
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 43ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://fonts.googleapis.com/

Response headers

age: 119896
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:36:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:36:54 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 syky-y18lb0tSbf9kgqS.woff2
fonts.gstatic.com/s/cookie/v21/ 14 KB
14 KB 44ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cookie/v21/syky-y18lb0tSbf9kgqS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cookie&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://fonts.googleapis.com/

Response headers

age: 131036
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 12:31:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 12:31:14 GMT
last-modified: Thu, 24 Aug 2023 20:12:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14456
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://fonts.googleapis.com/

Response headers

age: 118720
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:56:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:56:30 GMT
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://fonts.googleapis.com/

Response headers

age: 47512
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 11:43:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 11:43:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://foxybot.win
Referer: https://fonts.googleapis.com/

Response headers

age: 263888
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 11 Nov 2025 23:37:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 23:37:02 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/ 433 KB
144 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7726590371480649&plah=foxybot.win

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7726590371480649

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

488a5b75c001326b5929b91feebdad6fad837717e56cafc850d23f4b3e5d8840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: br
etag: 9594622398767667366
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147349
x-xss-protection: 0
server: cafe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 48ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E3J7N4BP8L&gtm=45je4bc0v9196017673za200&_p=1731632110105&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=963497328.1731632110&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731632110&sct=1&seg=0&dl=https%3A%2F%2Ffoxybot.win%2F&dt=Um%20simples%20bot%20multiuso%20para%20o%20Discord&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3J7N4BP8L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://foxybot.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:10 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241112/r20190131/ Frame 05E5 0
0 20ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7726590371480649&plah=foxybot.win

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foxybot.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 40422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 13:41:28 GMT
etag: 4475648825157136472
expires: Thu, 28 Nov 2024 13:41:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame FB3B 0
0 60ms
59ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731632110&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffoxybot.win%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aifgd=1&aipaq=1&itsi=-1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110256&bpp=2&bdt=865&idt=105&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4508325097976&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=142

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foxybot.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 00:55:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 446B 0
0 218ms
215ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=280&slotname=9688545926&adk=944291198&adf=1795251393&pi=t.ma~as.9688545926&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1731632110&rafmt=1&format=1200x280&url=https%3A%2F%2Ffoxybot.win%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110258&bpp=4&bdt=867&idt=345&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=351

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foxybot.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 00:55:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame A9D5 0
0 128ms
127ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=200&slotname=3945709430&adk=3002260463&adf=289864595&pi=t.ma~as.3945709430&w=600&abgtt=6&lmt=1731632110&format=600x200&url=https%3A%2F%2Ffoxybot.win%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110262&bpp=1&bdt=871&idt=360&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=500&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=362

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foxybot.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 00:55:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 5B03 0
0 174ms
174ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=200&slotname=4422816610&adk=3636437647&adf=2973209031&pi=t.ma~as.4422816610&w=600&abgtt=6&lmt=1731632110&format=600x200&url=https%3A%2F%2Ffoxybot.win%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110263&bpp=1&bdt=872&idt=370&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C600x200&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=500&ady=1968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=372

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foxybot.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 00:55:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 7379 0
0 158ms
158ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7726590371480649&output=html&h=200&slotname=1511117782&adk=469732602&adf=1905706653&pi=t.ma~as.1511117782&w=600&abgtt=6&lmt=1731632110&format=600x200&url=https%3A%2F%2Ffoxybot.win%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731632110263&bpp=1&bdt=872&idt=380&shv=r20241112&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C600x200%2C600x200&nras=1&correlator=4508325097976&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=500&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344188%2C95335247%2C95345966&oid=2&pvsid=2112051726392885&tmod=199718754&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=383

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foxybot.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 00:55:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 49ms
23ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241112&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

238921cad69872a26e54f1602c262ca40edf87bc026bc984471fef6550259ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12898
date: Fri, 15 Nov 2024 00:55:16 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H3 204 rum Show response
foxybot.win/cdn-cgi/ 0
138 B 11ms
10ms XHR
text/plain 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to

Full URL

https://foxybot.win/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:c61d , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://foxybot.win/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e2b4655d9c2dc58-FRA
access-control-allow-origin: https://foxybot.win
date: Fri, 15 Nov 2024 00:55:16 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 foxycake.png
foxybot.win/assets/images/ 3 KB
4 KB 635ms
634ms Other
image/png 2606:4700:3032::ac43:c61d

General

Check archive.org

Show headers Download Go to

Full URL: https://foxybot.win/assets/images/foxycake.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c61d , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a51120f899af52f356aec7263538bd80c7248a3bef1cd5fd9e811cd4b8eff625

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

cf-cache-status: EXPIRED
etag: W/"b90-193223be718"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyoghohbW7vjTJzqan0t1BLq6q2MOjIBfskpksmC9leQChmPTtYY8cDDf42Q7wgp9a2otJMA3jOujyrw4v%2BNH9DM66zQaXSYncAptUDBpq7w9LJ265WuVjnERkz4qnDKwUfJ%2B7uiljU42g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6443&sent=15238&recv=1705&lost=122&retrans=122&sent_bytes=18013528&recv_bytes=90272&delivery_rate=14383&cwnd=83185&unsent_bytes=0&cid=0d9fb3045a0cae08&ts=8070&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 15 Nov 2024 00:55:16 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 12 Nov 2024 21:16:11 GMT
priority: u=1,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b46562a1cdc58-FRA
accept-ranges: bytes
content-length: 2960
x-powered-by: Express
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://foxybot.win/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 00:55:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 00:55:16 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 70C3 0
0 25ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foxybot.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 00:08:11 GMT
expires: Fri, 15 Nov 2024 00:58:11 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241112&jk=2112051726392885&bg=!t7SltPvNAAY7_TBtG_07ADQBe5WfOHcXXrz1AgRQN74jib3Smn6GsO90zq4MoCFf8PLxneTW6d7jWEf2hNP5svsllUaZAgAAAEtSAAAAAmgBB34ANsyVt7DYBgTsbHmzWG8s8rlPLh0UOD33FfnRSGdfeZlV6rAMOID91fGVNjyc2Ko_Liwz99qrywoADGiTqmcxPdqwEYMzIZkCiFUm2QSClEeHL1muxtDFikGhzZuDsdm6GeXUXY2WEGNwJFYTKHDDwVj9oD-_tiBkFhF2OjnYT7xGw3dybUNoqIgRudakgisxRwT4THiMUzsr6UqgZkFIcqYhiYCEQ6vC7CtVk4ACSOiSvOOrrO03Btxx8PE9EAxLtDmwYleLukRJJM9Tz1Q7a0sD5H9tT9Yk6ZHyQmOs1KKprHoYQxMWw9l1C-POcYMCsQ4gXLcKj_RuuSIeKabvqetWvbzbT4Qu8sm3NZuB0FKbiC-RXQFydHabEvYuCQSb4tO_NRiauZbcBHZlnvI9NgXD3rYgCqaX21b-VsdV5zhwAqbb8i8PB7pc4YvVSUpEUOe1xbJzh4nfu-y7hbBihUCCAhsrrLPAQwcsy9dAUNYPJjWCXPU150q96FzY0BhVi3ujMkEoyStjxdvD0o8Jgud6_uF8FmLq272R1hHzvAI6WRy5SwyLgw-LuB1j00wPGZa779F_cTccc28GVedd2kwqYEhpxKzx7kR1uRGcDFq7EWmxMjsbqFVCtPfHPDPo6vbauwyu66o9lNJz0ClzXJ4pwVUDQ7Lj5ReLgKnMcF5cuvz0DLhII6P-EjE8-fl4RYAtjIntiUqM6CLnpqbAoQx3I62-oacS30GeTB9Z6ZYotQZHuYf0y7R6ttWMGZnLTL2ThbaUHx27sI-bq2zNbL1GYBLZPinH5EyVHYG7j_WT15orErZSiIdG5IiYry70EhZSPey0JOCML2dMgiHdz9KTpNpxr787_HENvnfysM2vy3dVpSUSfqLK9MQly4ejiy2vtaczQnYURGx2NrlpW0NIj24BPCL_xB65s9mo6AqJ-OXYW8Ctu9PLjajgqx0mdg

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
foxybot.win/	1970-01-21 01:10:36	Name: connect.sid Value: s%3AiWDoNYoLllBj-FK6hoAuzj0DBuEUnZO5.UcI7setDA99XBD5BYnOqzlv%2BDvnSZFwtwryegkWX4zk
.foxybot.win/	1970-01-21 10:36:32	Name: _ga_E3J7N4BP8L Value: GS1.1.1731632110.1.0.1731632110.0.0.0
.foxybot.win/	1970-01-21 10:36:32	Name: _ga Value: GA1.1.963497328.1731632110
.foxybot.win/	1970-01-21 05:19:44	Name: __eoi Value: ID=27dcb84b74a5aec8:T=1731632110:RT=1731632110:S=AA-AfjbXXjHpNHbjhD0ggUQjMzCR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
foxybot.win
pagead2.googlesyndication.com
region1.google-analytics.com
static.cloudflareinsights.com
www.googletagmanager.com
ep1.adtrafficquality.google
2001:4860:4802:32::36
2606:4700:3032::ac43:c61d
2606:4700::6810:4f49
2606:4700::6811:190e
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:831::2001
0ed035ca2b218c2e2f52ec259e4c093f7d73af317beccaa3f1bbdfbdf9e6f052
0fa0659c1b40c0189485f6a1825743d0e4f35e4232a0ada5f752924e679dd17b
10d21f220be03362ae3ba40a5471d7626aee30ed40b546f369ad1e2645fe7d9e
16abca0f366e3ab7ee649e7f11c95dcddebc43214ed62ee0c0a82b8cc6d8953e
238921cad69872a26e54f1602c262ca40edf87bc026bc984471fef6550259ab9
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
25dcf66bc9074ffe8c6e064c4ad6ca3faf53e5e80104cb35d21b3b6882f9e839
3ae62b7f7140f1d31a5951271b4fb00c57b28af99695e66463fc036d8d2236ea
488a5b75c001326b5929b91feebdad6fad837717e56cafc850d23f4b3e5d8840
4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9
4edf0fa9a4b28899de32bc3658132c50e3df9e49a6d8b5fdb6cffaa560280d44
628ddc684c245a2ebb06fcb20a61d35195d67ca53f84160d4baaad108ab80056
6f55a2469c2c16679b88a3d331658972902ce6ea336022e1072f6f5a8c9f8388
71277bd4c49ab6711d6263b019b28c27ee3b6c932e12c8b4775e7d1b679bd46e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e113a81dfe19cf1728fcf791c43b8b1ddcf36947a560ea77b51884c7c2f9a48
83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
939451157664c9db28a95e88c65be3117ac6dd6ef0199035123ae18d2daff494
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99bbfeaa6a117a1af3439875d7adce2f0072f519dae7e7271ecc29d85f71e2ab
a1d10a232070671d1974be0e2b99396cb55054a8f77c36a654ff51649bb6fbd7
a51120f899af52f356aec7263538bd80c7248a3bef1cd5fd9e811cd4b8eff625
a75acc5a42e1d9fdb50bc2f2b89427a52988089d6480f1c71aa799cb191f0e81
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
ba013e7bfbd6f4511b4ce936b459c28b7e07d36f9bf1f7fcf32b57a74148447a
bd9b4d79d9483249e2350bdb53b00670dd50597e51810b2e959cd2c2a0756fcc
c93e92fcbd8d6142769e3410e70137ea2fb9e5b010a58770b2226f0ecbbc61be
cac8b9784ba1bb5d7a7b66f0cec55d996907b73ce993138ab998d8b05b11ffea
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d08f3e1c08d4e6fa13a4f9de737a8554974e862e54786aef6a655c4c676ac731
d2675484259ca192bf6fadb7d1a4ae98f48c2705ef34f0d3f084e26fbe2e55d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb405e51e2cb60541d8d14745dae6f87a1ac7986fc223510b160188f049f0687
f029955f3501d766312e30d97b674eb61ba357a9f95ae0d6ebf1abb1fc741f41
f15f6eb9119d50eb6208f6f30873c80c99dac08bd3ec16a77f602daa0dea83bc
f39e7e24cc8c7e11bda80a9666b52ff8e02a3033a4cb958a36165d4989cfa87d
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6f0abde7b7d6eeb5d0f283e96f1dc5bba701395b9956f5bea3ec2be807a1a08
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

foxybot.win Open in urlscan Pro 2606:4700:3032::ac43:c61d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

100 %IPv6

9 Domains

10 Subdomains

11 IPs

2 Countries

17479 kBTransfer

18186 kBSize

4 Cookies

12 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

foxybot.win Open in urlscan Pro
2606:4700:3032::ac43:c61d Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

17479 kB
Transfer

18186 kB
Size

4
Cookies

49 HTTP transactions
0 data transactions