framed.wtf Open in urlscan Pro
2606:4700:20::681a:b59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://framed.wtf/
Submission: On June 13 via api (June 13th 2023, 10:53:44 am UTC) from FI — Scanned from FI

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 21 domains to perform 64 HTTP transactions. The main IP is 2606:4700:20::681a:b59, located in United States and belongs to CLOUDFLARENET, US. The main domain is framed.wtf. The Cisco Umbrella rank of the primary domain is 197985.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 22nd 2023. Valid for: a year.

This is the only time framed.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:20:... 2606:4700:20::681a:b59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:d200:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225b:cc00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:99f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	52.9.11.252 52.9.11.252	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:4800:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c3:e000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223d:3800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.157.97.173 18.157.97.173	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
64	31

21 2606:4700:20::681a:b59 (United States)

ASN13335 (CLOUDFLARENET, US)

framed.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d200:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4560 (United States)

ASN13335 (CLOUDFLARENET, US)

region.framed.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:cc00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.9.11.252 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-11-252.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:4800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:e000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223d:3800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.97.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-97-173.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	framed.wtf framed.wtf — Cisco Umbrella Rank: 197985 region.framed.wtf	202 KB
5	quantcast.com test.cmp.quantcast.com — Cisco Umbrella Rank: 10241 cmp.quantcast.com — Cisco Umbrella Rank: 3242 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11867	142 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 ad.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 121	151 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	136 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 443	61 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1063 api.btloader.com — Cisco Umbrella Rank: 1168	13 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1143	1 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1528	98 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 541 t.pubmatic.com — Cisco Umbrella Rank: 3611	76 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 4677	46 KB
2	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 70571 thisiswaldo.com — Cisco Umbrella Rank: 63928	147 KB
1	google.no www.google.no — Cisco Umbrella Rank: 24112	408 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3028	250 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1130	642 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1195	9 KB
1	ipfind.co ipfind.co — Cisco Umbrella Rank: 94301	430 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1474	4 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	962 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1114	7 KB
64	21

	Domain	Requested by
21	framed.wtf	framed.wtf static.cloudflareinsights.com
4	www.googletagmanager.com	framed.wtf www.googletagmanager.com
3	cmp.quantcast.com	quantcast.mgr.consensu.org
3	c.amazon-adsystem.com	framed.wtf c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api.btloader.com	btloader.com
2	ad-delivery.net	framed.wtf
2	cdn.confiant-integrations.net	cdn.thisiswaldo.com cdn.confiant-integrations.net
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
1	www.google.no
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	t.pubmatic.com	ads.pubmatic.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	ad.doubleclick.net	framed.wtf
1	ipfind.co	cdn.thisiswaldo.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	a.teads.tv	cdn.thisiswaldo.com
1	btloader.com	cdn.thisiswaldo.com
1	ads.pubmatic.com	cdn.thisiswaldo.com
1	region.framed.wtf	framed.wtf
1	cdn.thisiswaldo.com	framed.wtf
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	framed.wtf
1	static.cloudflareinsights.com	framed.wtf
64	30

This site contains links to these domains. Also see Links.

Domain
shotdeck.com

Subject Issuer	Validity	Valid
framed.wtf Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-03-09`	9 months	crt.sh
cmp.quantcast.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-05-25` - `2023-08-23`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
thisiswaldo.com R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
ipfind.co Amazon RSA 2048 M01	`2023-02-10` - `2024-01-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://framed.wtf/
Frame ID: 0F7EE121D36216CD031756A22A4D8A6D
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Framed - The daily movie guessing game

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

64
Requests

100 %
HTTPS

67 %
IPv6

21
Domains

30
Subdomains

31
IPs

4
Countries

1133 kB
Transfer

3733 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://shotdeck.com/?ref=framed

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
framed.wtf/ 7 KB
3 KB 211ms
98ms Document
text/html 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

212430d4bc6924381fdc0c0124c79926ac98c71136d748d601bc09c4dd730a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d69ca736c23fe28-HEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Jun 2023 10:53:37 GMT
link: </_next/static/css/23a1cdbad9811c34.css>; rel="preload"; as=style
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha0i1bz%2FYzOfV8epsZ5%2FSImH8N4P5xBEZXkmGjGuvux7m%2F1Rbazga07P%2Fw2afQBGQLmI6JRXK%2FFl4GWQCXBAi7FuYGQ%2FkQC%2FeiSWRfFOEploM9k%2Bs7aBsyHOLmVU9r8NmckdXkcOr8jw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 23a1cdbad9811c34.css
framed.wtf/_next/static/css/ 14 KB
4 KB 59ms
58ms Stylesheet
text/css 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/css/23a1cdbad9811c34.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b5314a5461a1753087755b422bd062f49da4ab633607f0a3d68e0e0e8f521e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"c8a3008ab7c5cab3382c455e03ef8482"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDoxwxM%2F%2Fbv0L29WyyRwjl8jHHtLdw0AXufOqfrxbL8ROCJvREhlMX2wmB74TOl0sWD8KrOTKndIqBOFkT9pD1xWRukYL6B57r0xmAet7vgWi2RsFZehMlYy30x24ijHk9a72HF3CZDi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca740d25fe28-HEL

GET
H2 200 webpack-7d46d66fc23d30f0.js Show response
framed.wtf/_next/static/chunks/ 4 KB
2 KB 67ms
67ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/webpack-7d46d66fc23d30f0.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ff7a1e09335213898d5ab2fec1227875beb70f19294b6e8557d6e78c16426f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"18b103dfd66710f199fa33990b8e6b22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCtJz7t1qCaAdwrvC9PNueCpdSo%2BVqzqYoveGs%2Fhnz%2B9TP9PvG8F04IYNPQpgwvPRx3BzDkqt3Rp5fp9BKAkKJQPCx76yaXnKHFWx9VRg%2BFfnNvQrF2gbryGYOUB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca740d27fe28-HEL

GET
H2 200 framework-5f4595e5518b5600.js Show response
framed.wtf/_next/static/chunks/ 127 KB
42 KB 121ms
117ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5014
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5a6c48d6423442bc08036acfd6279f76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsBD2k2jXt2sH7dLjGi23WJqAsAYp310nXUvSCXcvcXSj3mmnVA9btGzTGTsMxga7Di01ljyqJtmRhJopiHs%2Fx38lKkgfqOt6SujYZN9G3eZVqjP76NJiIuV%2BehxvdzqLzAHb76Sf6OA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca741d3dfe28-HEL

GET
H2 200 main-63b79767fca3418f.js Show response
framed.wtf/_next/static/chunks/ 98 KB
27 KB 74ms
70ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a637e596681ed9976af5267d2e8b7f07c3bef2d0e8404160c46ab14b99c317cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5757
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d36f10025abd57cb51eb9a7c546c939c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPM6OQyg5soMu0f1gawN4ELODmmFXWNiiDwVSrTLlcXqmNv4AajqoVRV4h9FP823wx7Uz1iFRF7RlAdVvpPV5TSqOO8R3XhqdKk8MU8sBJqNet6Ms7rL1B7YhXlvVRNp4iXRMsoVkBld"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca741d41fe28-HEL

GET
H2 200 _app-8f41e9d0c348b7b0.js Show response
framed.wtf/_next/static/chunks/pages/ 6 KB
2 KB 69ms
65ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/_app-8f41e9d0c348b7b0.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc02f14aa10f1b176ebb90d4caf54a2d16a096d3305454f568c0909ea5b965a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"c13b15fc09d06468ba54b4536d15614d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF1lo1pVNGziP1pTg6LEFaskPCepi5fICednyOofz36D7E3TwK%2BL%2FRvC5m12Ei%2FpKDETRIoCOvDhdrvnOy6laERwEgThAaz7FWbZ5yXAmgvzqDxIRxDsKl5D1pXg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca741d45fe28-HEL

GET
H2 200 696-1c1678e6fc8ea82d.js Show response
framed.wtf/_next/static/chunks/ 55 KB
19 KB 112ms
108ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/696-1c1678e6fc8ea82d.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b11ee38f98f7278a93b6e22cdd23237cab116c97cc85593aeefe5f2a259f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5014
etag: W/"0fe8f31255334231db39327f0ef739ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FagQvLT7gOpKt%2BPA5kV4v%2FWazdApawHYmHa6btj8MIsygqwOEsQaG2cLztlNfKvedcJrnrPOekrIRRGGUYpKP9NwGp5iyYXVlYP%2BE0kG5Mugu9vVQSJCI%2B05ur758OyGWongoA3NXk4N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca741d46fe28-HEL

GET
H2 200 873-594cf5dc15fe89a4.js Show response
framed.wtf/_next/static/chunks/ 15 KB
4 KB 66ms
63ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/873-594cf5dc15fe89a4.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d02a1fed015940d48089a8e7a766fe732e642a339e65ba94522254dd22658363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"0523f59f1ef3c447fb96ad2decf7a97f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6robOIf0Mgk%2B57bGWkIGIsaVerclnBh2qMv6QjBcAd%2BtFPUYjGY7dhtyUehJNsbOzlrok0d%2Fsa1Y0rOy%2FGso4DVQk0PwiOgneGMe0U9100z2RCdewvki2BALT7%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca741d49fe28-HEL

GET
H2 200 index-5096d101a504e2a9.js Show response
framed.wtf/_next/static/chunks/pages/ 2 KB
1 KB 63ms
59ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/index-5096d101a504e2a9.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9f3b05de37e4c887008c4bded268f1d73b3ff97212735465f17dfa65d056d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"c669d6e0ea1c0af7f3fd378f56657eaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jV6vdeiGFJK2YAHG%2FNEl2MBo66RHsgm%2Bihrj1ds%2Fqiz9qcuRmnpJ%2B%2FiYVrEbUfjNCJAcOFzizf7lWZGLiQ8gL4lSdHHLAe8DwidyayIrQJ%2FQu6PbQ0FNOu5O0RO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca741d4afe28-HEL

GET
H2 200 _buildManifest.js Show response
framed.wtf/_next/static/19S52fqQJ79pnomZV0KwY/ 1 KB
795 B 64ms
61ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/19S52fqQJ79pnomZV0KwY/_buildManifest.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbabaf62fe02ab4f86d8195936b37dc5fb2476f23691b5ae167d67356865b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"cf5fa591369c0ed4b4f9c7804d883ea4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMXPQBPji4YXuQ9pju%2F0NIDiJaFg1KgGiqMyotRrjAtkI8wmxTB4%2FedxuJPTLJjoaTq3MpWe2HZ6e8bn8L250VPNP2JmnOm6mKRbGeS9hWcXiwLYaye6uMyVHpM%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca741d4bfe28-HEL

GET
H2 200 _ssgManifest.js Show response
framed.wtf/_next/static/19S52fqQJ79pnomZV0KwY/ 77 B
340 B 69ms
66ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/19S52fqQJ79pnomZV0KwY/_ssgManifest.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"99dfad1d4dc538d0f87b1326c3f89efb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl9CCLJG4WnFZb8hvu2Y69MAS5lgbxAqblL6a2ZFPuqxwIZ%2Fcve8poqK89y2TjGYLizVMzXDe3eKsPtm4PkcAT63Uf4keDfWRbtQwxWbFMuHbnZFjGLUVa5wMdo9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca742d4ffe28-HEL

GET
H2 200 _middlewareManifest.js Show response
framed.wtf/_next/static/19S52fqQJ79pnomZV0KwY/ 92 B
502 B 71ms
68ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/19S52fqQJ79pnomZV0KwY/_middlewareManifest.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"da720783325824640d5868af4b16024d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug2okhLi1zJGR%2BFIsNWYNIw9EHY0Nl0ickXD%2B9T1uJVJykADpcJMQY1mcyYCWHth2OkxnFT0q3%2FXSUqNqCkrviiDYdUT8HlWhc44Ghd8B9ds8tkcAzyx5ddOKR8O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca742d50fe28-HEL

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 235ms
97ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: framed.wtf
URL: https://framed.wtf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://framed.wtf/
Origin: https://framed.wtf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d69ca74fb2a0b65-OSL

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb485281714afc47547b0bfee38e7bf4a8bb241b305cbff75557dc716e52f297

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
962 B 271ms
92ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&family=Quicksand:wght@500;600&display=swap

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/css/23a1cdbad9811c34.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49d6174e19c308ad03bddca717433becd4687822be76d878632d4dea279b0ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 10:53:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Jun 2023 10:53:37 GMT

GET
H2 200 221-e4795a4c78c2cdda.js Show response
framed.wtf/_next/static/chunks/ 15 KB
6 KB 63ms
62ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/221-e4795a4c78c2cdda.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/webpack-7d46d66fc23d30f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc56ef5e6370f0c2e2ac0272704937b04ed33f53f8ebac203ea252f8fdb13db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"64664a7033f794785208b326656dae8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmlo3Q2AyLkJ3H%2BLO2wuV3TeDzS9fZpMWCSwEnR%2BSpGGLkBCklE4MFZD5wXw5q5j0ypjvw4qIIn1FaKy%2F%2FDzfcxiEiPrbjDjYKZx%2BxCgzQlsopjjAz%2FH0X9%2B7H%2FciFEfdKM1PUUF%2Fjl6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca7668c7fe28-HEL

GET
H2 200 834-cf4edc5ebf336170.js Show response
framed.wtf/_next/static/chunks/ 18 KB
7 KB 61ms
60ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/834-cf4edc5ebf336170.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/webpack-7d46d66fc23d30f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35d7a10c60b92f311e04ec76ad5863fd1fe99a20f33e23549c5688afcc785585

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"07c8e41b5f72dfcb4b5e0d5d1a114bf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU4zrKavhT82%2FHhvWGFBum8ITqCf3m1MJjzAyQvLNnMG9R5meY0BzhvLounczFgQ2CpkSkYewux6100TFSNU2WL3gC5L%2BG4UJWyS1O6h37u9hoLL0vKJclEX5XNz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca7668c9fe28-HEL

GET
H2 200 300-559423bc89dc2f78.js Show response
framed.wtf/_next/static/chunks/ 74 KB
29 KB 65ms
64ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/300-559423bc89dc2f78.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/webpack-7d46d66fc23d30f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

732a360a6616b08ed9a67f4b9c9cdbdae1af78476b90582b0ec42a67af1ef887

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5757
etag: W/"9497ddb6d8487941d85e6e8ff175413e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssG8WfC2YSfbfREMmnFDLVU9ydJyUxFr4ktKiIV8qufBruVdE9zLkGdOdLecP4ueLsVVy91pFC5SeOq9jVfEHfH2VsS8%2FBmt9JVZAAZvEjWRVaqYbnVW556W%2BxH3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca7668cafe28-HEL

GET
H2 200 561.e2d91d295372a083.js Show response
framed.wtf/_next/static/chunks/ 5 KB
2 KB 63ms
63ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/561.e2d91d295372a083.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/webpack-7d46d66fc23d30f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d9ea53510f4f57752ad1c35fd126af58e1cea8acd7c47411ebce9b1dd1dee02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5014
etag: W/"5b07d4f223e808eea49e90484391ce5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaNdcEgCf2pMGMRklOr%2BWo1aha0wVTHV6aW42AhnCHX5CpmyT6W4PNhJzWlWYA5PG5FuD3T2dgGpuydMBijrvURnvzYSWLtX3d%2BVuv%2F4oG33F%2BSyQ5e63VIgMtJgkZiuP1vc7jCJAWT1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca7668cefe28-HEL

GET
H2 200 1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v23/ 17 KB
17 KB 245ms
78ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Quicksand:wght@500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://framed.wtf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:51:32 GMT
x-content-type-options: nosniff
age: 324125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17020
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 16:51:32 GMT

GET
H2 200 13746.js Show response
cdn.thisiswaldo.com/static/js/ 457 KB
146 KB 336ms
75ms Script
application/javascript 2600:9000:2156:d200:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/13746.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d200:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

60176f6380052ca24480bdca1ddeb058e12d16fac9add17f700184e4aa9ee717

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 15:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 15:11:12 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "722dd-5fdb3c787feec-gzip"
age: 69569
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: qxa97PfltlicykRfSUEFvMSvR1Ia7vIiaZ4R2ohoaYDjv7o-Pg9-gQ==

GET
H2 200 / Show response
region.framed.wtf/ 42 B
504 B 212ms
64ms Fetch
application/json 2606:4700:20::ac43:4560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://region.framed.wtf/
Requested by: Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/pages/_app-8f41e9d0c348b7b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6daa89bc6f4ee34d514de66b6cf932a6f2df1b8ef55039774ef23e4760c5e924

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZUHHMZ5Ecgesr6t3lBd4h9ZqekWbqOkN%2BARqQVsIeMAtVqOu9oXAMBiUXl87E2DKCECC%2FjGk3wsT2ZfEJV4hY9LVqcD%2Bz0IrB7h4UqbtJDy72IyFw8pJIkv3y9xDx6CXYcDXokkJuyiFGHFChMQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-type: application/json
vary: Accept-Encoding
cf-ray: 7d69ca776f18d94f-HEL
content-length: 42

GET
H2 200 shotdeck.png
framed.wtf/ 1 KB
2 KB 58ms
57ms Image
image/png 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framed.wtf/shotdeck.png?w=96&q=75

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b373cbc8ce1c3f064c48149f341ef7b7f8a468712aaf633a41de5fdfb9a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5387
content-length: 1380
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "7601d5db97199c32893d53413c9c3aa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kQWqf%2B67twUatHH89StNH9cFWkqqs62IOCfdENJGmCwWsP1dBavUt2Gd1C995SkE8UJODHSqFOw5x%2B%2BUAYayxxSMtnSMDplgef26mawAQc3Gjkvbq1pMGTNrlguTIuLF%2BC3bCVYy8yc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d69ca769931fe28-HEL

GET
H2 200 archive-b0364595e60cabf1.js
framed.wtf/_next/static/chunks/pages/ 0
2 KB 69ms
68ms Other
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/archive-b0364595e60cabf1.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5697
etag: W/"93829d30f861b26fdfd54d9f1ee45321"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ws7SN%2FHpa%2BmyJTE3oDZNMVrRHi%2FCygnoqiARDjfR0fluoo0kb6QqO53TAJhNnc%2F92%2F4h%2BOC7J0UXqNZW6Y7IEjUNMLmL%2B3DIB1tv8Mhdquszam0GrX9Xp5DwAv0n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca769936fe28-HEL

GET
H2 200 001.jpeg
framed.wtf/images/464/ 46 KB
46 KB 71ms
71ms Image
image/jpeg 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framed.wtf/images/464/001.jpeg?w=1920&q=75

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ae4ba063d8d54442a473ed736ebd385459b210dd7f1cf42ae5a143c94209d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2555
content-length: 47147
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "971279248a69d6c95a37450d91d29085"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOBp%2F5yIZs0h8YTLU%2BxR1claa96ZVyhS5Qbj9XGPcxea1A%2B9oGwvQSRH2P5p28t%2BR6%2FnEojk2a4sS6b39bIFOJyDQHdWoMLJC0JSgQTH4409qe63l3sbosamd1lb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d69ca76fa3afe28-HEL

GET
H2 200 archive-b0364595e60cabf1.js Show response
framed.wtf/_next/static/chunks/pages/ 5 KB
2 KB 86ms
86ms Script
application/javascript 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/archive-b0364595e60cabf1.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15cb71b86724787bf7b4a1928c410925e5d563328f78de4c618d1e56dac00e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5697
etag: W/"93829d30f861b26fdfd54d9f1ee45321"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ws7SN%2FHpa%2BmyJTE3oDZNMVrRHi%2FCygnoqiARDjfR0fluoo0kb6QqO53TAJhNnc%2F92%2F4h%2BOC7J0UXqNZW6Y7IEjUNMLmL%2B3DIB1tv8Mhdquszam0GrX9Xp5DwAv0n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d69ca772a85fe28-HEL

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/ 4 KB
2 KB 296ms
101ms Script
application/javascript 2600:9000:225b:cc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:cc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a843829d2a7a6784b64936438383030b3161521367b2420441ad0c860f3e80d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: gzip
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
last-modified: Thu, 11 Aug 2022 00:44:37 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 33
x-amz-server-side-encryption: AES256
etag: W/"828fc36b31632f34b4cf3eeb0e9c996d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dtyeaH4-IJ2z5j41KZr0UEEAk4TVX62iNNuHuCtJzXYjucw4x07f6g==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 226 KB
76 KB 251ms
83ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0af3dcbf2695e8b9ac3117f4a698bbb06121901b1d06e7a6377fa87d02d0d29e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 01:08:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=153440
accept-ranges: bytes
content-length: 76767
expires: Thu, 15 Jun 2023 05:30:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 355ms
163ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

703db27a92b765d36e0f292cdc4f81081501b7c03fccd127bf8bec4ae0e528ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25305
x-xss-protection: 0
server: cafe
etag: 953 / 19521 / m202306060101 / config-hash: 10374218712375929169
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 10:53:38 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/x0z5MxKG38JhHvRnq2EER8cBuec/gpt_and_prebid/ 97 KB
22 KB 212ms
74ms Script
text/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/x0z5MxKG38JhHvRnq2EER8cBuec/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd5496aa414f1c4e584eb3b82d01dec50bd48d4df0bc2bb75c6e6822f2d1ab0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2023 07:00:39 GMT
server: cloudflare
x-amz-request-id: N4M29T2PPRKSYP8D
age: 668
etag: W/"5d2654608c104348dd79fadae5bd726d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7d69ca7ac903b521-OSL
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /gUc1uFzLtvRi+w+9QKJyzSVHZZHwONgv8RnnEql3FLuvm6BkrblQt+QWz+7s+5CB2/JA6uyAoPpVyZrIa7rXi9zxiC3cKSrYbJ0uyzFxQY=

GET
H2 200 tag Show response
btloader.com/ 44 KB
12 KB 190ms
79ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5665063362887680&upapi=true
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3546f27355969aecbb535c8bf97abd08fcb1438028b73058cf1639e03bc0cb1d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2023 10:46:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 198
etag: W/"9e3e03346af0e202088dad410fd9c118"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmtGEl02AfR38wKk3ycPtV5QpffPmVSkgrLeqDzCLPXdMyp9mCA2SmW9Ueqawjie4FI34PYXvkM2lO2bIrnA6NIg%2FnOaH8GqIPw3l5nlJ8wHpivsrXQtBxlh%2BYeLza%2BAOndF0LHogJDYzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7d69ca7a9cb1d916-HEL

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 235 KB
57 KB 548ms
200ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: framed.wtf
URL: https://framed.wtf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:16:51 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 19:47:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2207
x-amz-server-side-encryption: AES256
etag: W/"22e740da4e2336def33bbd74ea6796a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: mWpufDq7ZiPWHr0PyLCh9MDBfYqg8QWoIovCx2aVTC7Oo_Vd4el0lg==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 356ms
83ms Script
text/javascript 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: FNC470FQVZBFRCZH
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: leunHFYGSp1B7jyYTwkfVmo4Tx6S1daxdpwny5PGjufvKAzvpOe/KuXUy/fMs0KO5VteVtWpya4=

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 768ms
434ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://framed.wtf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 13 Jun 2023 10:53:38 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 me Show response
ipfind.co/ 324 B
430 B 678ms
240ms XHR
application/json 52.9.11.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.11.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-11-252.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 061cfc42d390654ac68caaf03fc43e5c01828bab6a33548cfd4a69badfd0fa5b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 212

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 177ms
65ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: framed.wtf
URL: https://framed.wtf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46380
x-guploader-uploadid: ADPycdsMR7uQsL5ls8vodZ2xBaxCxI-PoFWwUt0V3on_LVHMLpY1homxGS_ImrpiqlbKVvdtO3oNPV8t1Eb_dYZzezi56w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt67Hvlo9MFyMlvetMRb1faZ0OixAj0gazO8zYRDVbPjQv%2BTcqbYCDUJWiasYmv59XaTRxGZgvvj9anfc1Fe7K1%2F14rg8GmNM%2BoayRHZjFDHVwzhQDjy%2B2SOWx%2F3vFQVqPXt3VzynC11vdb8dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7d69ca7bde8ed97b-HEL
expires: Mon, 12 Jun 2023 22:57:55 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 266ms
81ms Image
image/x-icon 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 18:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Jun 2023 18:29:56 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
934 B 168ms
57ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2598419776589602
Requested by: Host: framed.wtf
URL: https://framed.wtf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46380
x-guploader-uploadid: ADPycdsMR7uQsL5ls8vodZ2xBaxCxI-PoFWwUt0V3on_LVHMLpY1homxGS_ImrpiqlbKVvdtO3oNPV8t1Eb_dYZzezi56w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4VHMQ2nMMa2vir8db9xj6OOpSBpPPtOAVbPFp%2B0FWYe8%2BMO%2BW00E3k1370jH9llJFd%2FmtkJVy%2F%2FDuI6D6srunjViByG%2B5%2B0srZ%2Fr53G5yyXNShOVbC7GkJJe6ZgAwyeNc5SW2fLXmFKhZCveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7d69ca7bde94d97b-HEL
expires: Mon, 12 Jun 2023 22:57:55 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202305161109/ 247 KB
76 KB 75ms
74ms Script
application/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/x0z5MxKG38JhHvRnq2EER8cBuec/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 May 2023 15:12:41 GMT
server: cloudflare
x-amz-request-id: SGAZR1X4VE4V0XM8
age: 2399492
etag: W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d69ca7b59ccb521-OSL
alt-svc: h3=":443"; ma=86400
x-amz-id-2: i4TFtCtcg4zxHd7iXzahKafee/JVsc88Qrco7FDQLJBG/LML0IP+p07Tg0FzRBORDo1v3l7K+Jw=

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 280ms
82ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 20 Jun 2023 10:53:38 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
44 KB 105ms
105ms Script
text/javascript 2600:9000:225b:cc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:cc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:22:38 GMT
content-encoding: br
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 1909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 14:04:40 GMT
server: AmazonS3
etag: W/"f95487cc7143663d91de3ec4a26c4beb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: -LLQdSeL5zH3KJMxKqrp_cMXhH_3mqqR1bnwauf4cnIF3OdOQvRerA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ 404 KB
125 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 14:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74976
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127303
x-xss-protection: 0
server: cafe
etag: 14748094856067035890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 11 Jun 2024 14:04:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 177 B
133 B 297ms
132ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=framed.wtf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46054d8b0d6157518aad0e237ef28330257e74310617d8d30cfbee4b1103b552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108
x-xss-protection: 0
expires: Tue, 13 Jun 2023 10:53:38 GMT

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 280ms
85ms XHR
application/json 2600:9000:225b:4800:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e88e89ec7f96d859ce3759fd72e6a3f7dd2c48b38aa722e140843fe1cf9e080

Request headers

Accept: application/json, text/plain, */*
Referer: https://framed.wtf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 03:00:41 GMT
x-amz-version-id: 2_3SYD6kTuAbDz.oUYjfM9PxanupdX__
content-encoding: br
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 28378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 29 May 2023 19:52:29 GMT
server: AmazonS3
etag: W/"beb8778e0e566e6dd95b9e0584ecdf5d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: eLme60-Mytlh1WSRBo5wzqsFe-L1XKOd05BVIQr-92oFGBFPZkK1aw==

GET
H2 200 country Show response
api.btloader.com/ 16 B
194 B 295ms
174ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5665063362887680&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 0276c38bdce11b6761cc269e4ad45e261b186650699db6a481c7df95173d04e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:38 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 295ms
175ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=x3ZPxgUYrC&w=6309467195441152&o=5665063362887680&cv=2.1.12-7-gb1eec29&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fframed.wtf%2F&sid=s4WY5UNs1&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5665063362887680&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Jun 2023 10:53:38 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 160 B
642 B 287ms
89ms Script
application/javascript 2600:9000:20c3:e000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:e000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:01:06 GMT
via: 1.1 56abe0fedc00b031003c08f0306dae62.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 3450
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:30:36 GMT
server: AmazonS3
etag: "65712c30333d33050e268b43b70b60ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: KE6xdX-0lIAU-NhTvFiXnmAZGXwGCflZf_A0HCs9_UPtAKiLZRs9RQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 167ms
166ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fframed.wtf&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:12:26 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 2472
x-cache: Hit from cloudfront
access-control-allow-origin: https://framed.wtf
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: PfVtaCF8J3iJPxOXDwGmern9NZN23zLmTqg3dUq1Bc17lWhgMRqcoA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 238ms
80ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 15:27:06 GMT
x-amz-cf-pop: FRA56-P6
age: 69994
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: M12Z5jYthoyEgqVg-wb-jcjUvKMt7NChcZOvCSeDE6o5fUY1wxkT6w==

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/47/ 248 KB
61 KB 275ms
93ms Script
text/javascript 2600:9000:223d:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 14:56:34 GMT
content-encoding: br
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 71826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Fri, 19 May 2023 14:04:10 GMT
server: AmazonS3
etag: W/"556bc7ca21432cc0628ff6f67a5e09bc"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: HVWU4M13s61wplxwrSfDadudakkGP6F2_fAO_3UYFnAsCsQlNFr_uw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
457 B 316ms
117ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fframed.wtf%2F&pid=yQ8W9QhsFscW8&cb=0&ws=1600x1200&v=23.605.2213&t=2000&slots=%5B%7B%22sd%22%3A%22waldo-tag-13760%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2C22803128949%2Fframed728x90FS_1%22%7D%5D&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 88561E4G3X3VWVPV8Z4B
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://framed.wtf
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SDYyJoShmRPdHQsm0b8auRrxasJ4X_wTXoDcvtfQtHg87pKcAfnb9g==

GET
H2 200 vendor-list-trimmed-v1-tmp.json Show response
cmp.quantcast.com/GVL-v2/ 353 KB
43 KB 260ms
89ms XHR
application/json 2600:9000:223d:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1-tmp.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 03:00:36 GMT
content-encoding: br
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 28384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 13:17:10 GMT
server: AmazonS3
etag: W/"3bbcdaed7cdab54742c76eb6b3acaff4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: BPpgav2BEl6aXdI6cQTXyxXfIuTUQuoNLwYYzcsE7YozWHSPf6qlsg==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
35 KB 342ms
174ms XHR
application/json 2600:9000:223d:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://framed.wtf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 03:00:28 GMT
content-encoding: br
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 28392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 13 Jun 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: bxldpk10FVEs34f2UJLd2QzLQAH97VYB03GyuCAbXyCFxqat2QXNBw==

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
178 B 276ms
82ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=160082
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://framed.wtf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 10:53:39 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 264ms
80ms XHR
text/plain 18.157.97.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22framed.wtf%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%227bnWU4gIqL1lnVt05b%2BUng%22%2C%22clientTimestamp%22%3A1686653619414%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-cvoxfvcg6vhm9ylserwg%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.97.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-97-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://framed.wtf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Jun 2023 10:53:39 GMT
content-length: 2
content-type: text/plain; charset=utf-8

POST
H2 204 rum Show response
framed.wtf/cdn-cgi/ 0
178 B 109ms
108ms XHR
text/plain 2606:4700:20::681a:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://framed.wtf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Tue, 13 Jun 2023 10:53:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://framed.wtf
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d69ca81cce1fe28-HEL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
88 KB 268ms
97ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b51649258c8bf1b905f92aba9e7a8ec0aa4024ea5d28cc9aa9bed5e8b5e65474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Jun 2023 10:53:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 97ms
97ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-242572032-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e517e38f4f50b63131ee5a9fc2f5e203891fad8750802b37743b84bf1d8d348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49244
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Jun 2023 10:53:39 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 193ms
66ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S57DN4M8WD&gtm=45je36c0&_p=1552590435&_gaz=1&cid=1839858038.1686653620&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686653619&sct=1&seg=0&dl=https%3A%2F%2Fframed.wtf%2F&dt=Framed%20-%20The%20daily%20movie%20guessing%20game&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 10:53:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 258ms
83ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S57DN4M8WD&cid=1839858038.1686653620&gtm=45je36c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 10:53:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
408 B 286ms
108ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S57DN4M8WD&cid=1839858038.1686653620&gtm=45je36c0&aip=1&z=333752133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 10:53:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 97ms
96ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1414949942&rv=36c0&cid=94104434&qi=0&l=94104434.EC2.TC0.HTC0~*~*~GA487.495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 104ms
103ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=302872747&rv=36c0&cid=G-S57DN4M8WD&qi=0&l=G-S57DN4M8WD.L2421.S4.Y3.E43.EC6.TC16.HTC0~gtm.init.S0.TS5ogt1pdatav2.TE3.TS5ccdgalast.TE0.TS5ccdautoredact.TE0.TS5ccdconversionmarking.TE0.TS5ccdemvideo.TE0.TS5ccdemsitesearch.TE1.TS5ccdemscroll.TE0.TS5ccdempageview.TE0.TS5ccdemoutboundclick.TE0.TS5ccdemdownload.TE1.TS5ccdgaregscope.TE0.TS5ogtgooglesignals.TE0.TS5setproductsettings.TE0.TS5ccdgafirst.TE0~gtm.js.S0.TS5gct.TE0.TS5zone.TE2~gtm.dom.S0.E10~gtm.load.S0.E9~gtm.scrollDepth.S0~gtm.init_consent.S1.E32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:53:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 254ms
81ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242572032-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Jun 2023 10:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1093
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 13 Jun 2023 12:35:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 88ms
88ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1552590435&t=pageview&_s=1&dl=https%3A%2F%2Fframed.wtf%2F&ul=en-us&de=UTF-8&dt=Framed%20-%20The%20daily%20movie%20guessing%20game&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=241042515&gjid=1239855048&cid=1839858038.1686653620&tid=UA-242572032-1&_gid=689570320.1686653620&_r=1&gtm=457e36c0&jsscut=1&z=935861447

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://framed.wtf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
framed.wtf/	1970-01-20 14:40:29	Name: waldo_country Value: FI
framed.wtf/	1970-01-20 14:40:29	Name: waldo_continent Value: EU
framed.wtf/	1970-01-20 14:40:29	Name: waldo_region Value: 01
.framed.wtf/	1970-01-20 22:06:53	Name: _ga_S57DN4M8WD Value: GS1.1.1686653619.1.0.1686653619.60.0.0
.framed.wtf/	1970-01-20 22:06:53	Name: _ga Value: GA1.2.1839858038.1686653620
.framed.wtf/	1970-01-20 12:32:20	Name: _gid Value: GA1.2.689570320.1686653620
.framed.wtf/	1970-01-20 12:30:53	Name: _gat_gtag_UA_242572032_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
audit-tcfv2.cmp.quantcast.com
btloader.com
c.amazon-adsystem.com
cdn.confiant-integrations.net
cdn.thisiswaldo.com
cmp.quantcast.com
fonts.googleapis.com
fonts.gstatic.com
framed.wtf
ipfind.co
quantcast.mgr.consensu.org
region.framed.wtf
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
t.pubmatic.com
test.cmp.quantcast.com
thisiswaldo.com
www.google-analytics.com
www.google.no
www.googletagmanager.com
108.138.1.25
108.138.9.235
130.211.23.194
172.217.18.6
18.157.97.173
185.64.189.226
2001:4860:4802:32::36
23.213.164.238
23.52.123.144
2600:9000:20c3:e000:6:44e3:f8c0:93a1
2600:9000:2156:d200:f:458e:2a80:93a1
2600:9000:223d:3800:9:46dc:4700:93a1
2600:9000:225b:4800:3:a4cd:8380:93a1
2600:9000:225b:cc00:9:46dc:4700:93a1
2606:4700:20::681a:b59
2606:4700:20::ac43:4513
2606:4700:20::ac43:4560
2606:4700:20::ac43:4686
2606:4700:4400::ac40:99f6
2606:4700::6810:3865
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:400c:c02::9c
52.15.219.226
52.9.11.252
0276c38bdce11b6761cc269e4ad45e261b186650699db6a481c7df95173d04e9
061cfc42d390654ac68caaf03fc43e5c01828bab6a33548cfd4a69badfd0fa5b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af3dcbf2695e8b9ac3117f4a698bbb06121901b1d06e7a6377fa87d02d0d29e
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15cb71b86724787bf7b4a1928c410925e5d563328f78de4c618d1e56dac00e25
1cc56ef5e6370f0c2e2ac0272704937b04ed33f53f8ebac203ea252f8fdb13db
212430d4bc6924381fdc0c0124c79926ac98c71136d748d601bc09c4dd730a24
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
3546f27355969aecbb535c8bf97abd08fcb1438028b73058cf1639e03bc0cb1d
35d7a10c60b92f311e04ec76ad5863fd1fe99a20f33e23549c5688afcc785585
3d9ea53510f4f57752ad1c35fd126af58e1cea8acd7c47411ebce9b1dd1dee02
46054d8b0d6157518aad0e237ef28330257e74310617d8d30cfbee4b1103b552
49d6174e19c308ad03bddca717433becd4687822be76d878632d4dea279b0ff3
4a843829d2a7a6784b64936438383030b3161521367b2420441ad0c860f3e80d
4e517e38f4f50b63131ee5a9fc2f5e203891fad8750802b37743b84bf1d8d348
4fc02f14aa10f1b176ebb90d4caf54a2d16a096d3305454f568c0909ea5b965a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ae4ba063d8d54442a473ed736ebd385459b210dd7f1cf42ae5a143c94209d45
60176f6380052ca24480bdca1ddeb058e12d16fac9add17f700184e4aa9ee717
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6daa89bc6f4ee34d514de66b6cf932a6f2df1b8ef55039774ef23e4760c5e924
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
703db27a92b765d36e0f292cdc4f81081501b7c03fccd127bf8bec4ae0e528ef
732a360a6616b08ed9a67f4b9c9cdbdae1af78476b90582b0ec42a67af1ef887
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77b373cbc8ce1c3f064c48149f341ef7b7f8a468712aaf633a41de5fdfb9a5fe
79b5314a5461a1753087755b422bd062f49da4ab633607f0a3d68e0e0e8f521e
7dbabaf62fe02ab4f86d8195936b37dc5fb2476f23691b5ae167d67356865b36
7ff7a1e09335213898d5ab2fec1227875beb70f19294b6e8557d6e78c16426f8
8e88e89ec7f96d859ce3759fd72e6a3f7dd2c48b38aa722e140843fe1cf9e080
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
8fd5496aa414f1c4e584eb3b82d01dec50bd48d4df0bc2bb75c6e6822f2d1ab0
922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c
a637e596681ed9976af5267d2e8b7f07c3bef2d0e8404160c46ab14b99c317cf
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9
b4b11ee38f98f7278a93b6e22cdd23237cab116c97cc85593aeefe5f2a259f50
b51649258c8bf1b905f92aba9e7a8ec0aa4024ea5d28cc9aa9bed5e8b5e65474
c9f3b05de37e4c887008c4bded268f1d73b3ff97212735465f17dfa65d056d74
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02a1fed015940d48089a8e7a766fe732e642a339e65ba94522254dd22658363
d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb485281714afc47547b0bfee38e7bf4a8bb241b305cbff75557dc716e52f297
eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be

framed.wtf Open in urlscan Pro 2606:4700:20::681a:b59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

67 %IPv6

21 Domains

30 Subdomains

31 IPs

4 Countries

1133 kBTransfer

3733 kBSize

7 Cookies

1 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

framed.wtf Open in urlscan Pro
2606:4700:20::681a:b59 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

67 %
IPv6

21
Domains

30
Subdomains

31
IPs

4
Countries

1133 kB
Transfer

3733 kB
Size

7
Cookies

64 HTTP transactions
2 data transactions