rqgourxmjie.click Open in urlscan Pro
2606:4700:3030::ac43:9d78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.rqgourxmjie.click/
Effective URL:
https://rqgourxmjie.click/
Submission: On July 14 via api (July 14th 2024, 10:58:20 pm UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3030::ac43:9d78, located in United States and belongs to CLOUDFLARENET, US. The main domain is rqgourxmjie.click.
TLS certificate: Issued by GTS CA 1P5 on May 26th 2024. Valid for: 3 months.

This is the only time rqgourxmjie.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3030::ac43:9d78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1 16	172.67.157.120 172.67.157.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2 3	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
27	8

2 2606:4700:3030::ac43:9d78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.rqgourxmjie.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rqgourxmjie.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.157.120 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rqgourxmjie.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f9cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	rqgourxmjie.click 2 redirects www.rqgourxmjie.click rqgourxmjie.click	314 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 889	157 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	3 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	72 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 352	52 KB
27	7

	Domain	Requested by
17	rqgourxmjie.click	1 redirects rqgourxmjie.click
3	unpkg.com	2 redirects rqgourxmjie.click
3	fonts.googleapis.com	rqgourxmjie.click client
2	www.facebook.com	rqgourxmjie.click
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	rqgourxmjie.click connect.facebook.net
1	cdn.jsdelivr.net	rqgourxmjie.click
1	www.rqgourxmjie.click	1 redirects
27	8

This site contains no links.

Subject Issuer	Validity	Valid
rqgourxmjie.click GTS CA 1P5	`2024-05-26` - `2024-08-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rqgourxmjie.click/
Frame ID: F3FF37269047697E4F1C8B5EAFC2FE98
Requests: 25 HTTP requests in this frame

Frame: https://rqgourxmjie.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: 057A7938CF6C713B945B4A4704D46B5E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ChatGPT bot

Page URL History Show full URLs

http://www.rqgourxmjie.click/ HTTP 307
https://www.rqgourxmjie.click/ HTTP 301
http://rqgourxmjie.click/ HTTP 307
https://rqgourxmjie.click/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

27
Requests

93 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

628 kB
Transfer

2095 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.rqgourxmjie.click/ HTTP 307
https://www.rqgourxmjie.click/ HTTP 301
http://rqgourxmjie.click/ HTTP 307
https://rqgourxmjie.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/vue@2 HTTP 302
https://unpkg.com/vue@2.7.16 HTTP 302
https://unpkg.com/vue@2.7.16/dist/vue.js

Request Chain 23

https://rqgourxmjie.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rqgourxmjie.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rqgourxmjie.click/
Redirect Chain

http://www.rqgourxmjie.click/
https://www.rqgourxmjie.click/
http://rqgourxmjie.click/
https://rqgourxmjie.click/

4 KB
2 KB

725ms
708ms

Document
text/html

2606:4700:3030::ac43:9d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rqgourxmjie.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9d78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27a6ac0da39fc346d8f7420588ecbc39986207b7b2fd24158d29d33a44849770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 8a351dcbbd093828-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 22:58:15 GMT
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdOOPsWzoHonenvmmThzbpvy8gf814BpvVVPiBuAkHOOC9UFRz%2Bn%2FmemAn5t3Rj7MJiXOJJICvJv%2FBZf8zcr9DiK0SFUdbXyHOy831jBvfNWQVB9G3A9RhXiFMkLv2ET7zhQuVsxIbaXRRBQfOvteQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-amz-version-id: 749b2102-5a49-4d02-8703-a97e4e9f61e6
x-content-type-options: nosniff
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
x-xss-protection: 1; mode=block

Redirect headers

Location: https://rqgourxmjie.click/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
981 B 141ms
48ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@700&display=swap

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

350782cf30c54fdd0e12bbcfa291a4da65ad1548a55b8a97958e00f26438919f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 22:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 21:07:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 22:58:15 GMT

GET
H3 200 main.css
rqgourxmjie.click/css/ 16 KB
5 KB 429ms
428ms Stylesheet
text/css 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rqgourxmjie.click/css/main.css

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

515a7ac0444476659e6e971f647bb40d28a7e452e086dc1841cbf125ae205811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 5df833e1-3336-42d6-a578-5174df3dcdb4
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: W/"4a622738d2f38f4e9a99ed856946e8b0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3y8VzvESpwC%2FFwlYs2b3V%2F8pFu2EUXTzNLrIfSGCBrTkXqQS%2BOtAf7isoTIzd9jJYPmPksqKBhkIwJ2Btp%2BuQlyZ9NT%2BtUs6tMmCMZLT0T1%2Ba%2BzNeTWn4mcMY3H%2B1lOQm8Seg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a351dd0395b1e50-FRA

GET
H3 200 form.css
rqgourxmjie.click/css/ 3 KB
1 KB 375ms
374ms Stylesheet
text/css 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rqgourxmjie.click/css/form.css

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12cf74844a93e14c76a076c334bfa1027ac11b4bc4f19247829145cde9d63aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: b25014c0-b2ce-4023-8c20-781ff1595eeb
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: W/"e38d5b8459b45f8adcfdc7669ae91185"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj%2BG6fNvi2qq%2F1rAAFbvZoZgWKvw0WlGz2wQ9oE5UXTjn8b2DGm1FSRuI0ppjpkYBc8pdzAivHoQJVVqGTOs05RE18rTVzprI7uvyYyIrYlAe1XnkzRAgQSyRJMMqlsJQt9PRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a351dd0395e1e50-FRA

GET
H2 200 css
fonts.googleapis.com/ 13 KB
964 B 142ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 22:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 21:54:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 22:58:15 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@6.x/css/ 317 KB
52 KB 155ms
47ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29e461b3a66dfb905a602e4c0ea68a1e541100deee2cb8f385f15607f162f914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 22:58:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7217
x-jsd-version: 6.9.96
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 52730
x-served-by: cache-fra-etou8220087-FRA, cache-mxp6955-MXP
x-jsd-version-type: version
etag: W/"4f282-1D6weazFksruMlqwFpRkFFnIKFM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 geo.js Show response
rqgourxmjie.click/ 390 B
740 B 76ms
76ms Script
application/javascript 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rqgourxmjie.click/geo.js
Requested by: Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a5671a39d511379efffa503cd9e9bcdaa4f0588d8ea22113e50955e4388370

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
country_code: DE
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xilq%2BsQ8vDwdSpurTWDbxHC9OYS7SBNrooMPCOJfuH8GKP8DuXjXkclCJekPYQCTQ9ZxXPE1dzO4qSjS20GhlodFzZnEU3BrfaMqWB3gLnJtWhUhBoSoHrk0LzNeqDILl%2FM11Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
country_name: Germany
city_name: UNKNOWN
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
cf-ray: 8a351dd039601e50-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

vue.js Show response
unpkg.com/vue@2.7.16/dist/
Redirect Chain

https://unpkg.com/vue@2
https://unpkg.com/vue@2.7.16
https://unpkg.com/vue@2.7.16/dist/vue.js

425 KB
156 KB

54ms
54ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@2.7.16/dist/vue.js

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36b10d3b4920592a4ec26c064c429e9a3dfb4689235fdfc91e1736b681c76786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:15 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10653910
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW74416VR62GG2BSDART6VP-fra
server: cloudflare
etag: "6a2b7-buf7VCmnnkwlKXAm8TvVUJOx0PI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a351dd17c22194b-FRA

Redirect headers

date: Sun, 14 Jul 2024 22:58:15 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HRWM63SAK5JJ140J9S7QGEHH-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10640215
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /vue@2.7.16/dist/vue.js
cache-control: public, max-age=31536000
cf-ray: 8a351dd12bcf194b-FRA

GET
H3 200 reg-form.min.js Show response
rqgourxmjie.click/regform/ 490 KB
136 KB 143ms
143ms Script
application/javascript 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rqgourxmjie.click/regform/reg-form.min.js
Requested by: Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ec236a500d137326b05af24d0e076d5f90fd78f44ae7e184a9556e899b534a

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 30 Apr 2024 12:34:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6630e55c-7a70f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dy5E8AxGuR64jRrT2o5E7EW429heoXwCANXC%2FwmmgMPEFOYR6NdEKsMMNYnrZCbAx28IpRnMJS1zS4X3yMGSoRIqgmgGFDl2zGcUT2gnIHde6qhF3zp9GzeXCoLFPZVtbVzMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
cf-ray: 8a351dd039621e50-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.webp
rqgourxmjie.click/images/ 784 B
1 KB 619ms
618ms Image
image/webp 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rqgourxmjie.click/images/logo.webp

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

446408ef19b0db2835e59668476ba548c11c4f93fced6061ffebc5cbda8f110b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: c733f305-920e-445a-b14b-b0bdb3dbde42
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
content-length: 784
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: "07c8d302effbe4e64c1631b041a18bc6"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNWxPZt3JUQh7jLoi9U85jscoLIoO4eV%2FCmAzEDhldxDPEXn0tk7Tc4X9E1TNGfa0b6goDwtvuP4EaHO4jWCsyyNT%2FV8XeSgvSAl3OjYFx30vWycYBOCx60u5awSfR1llVKHJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a351dd039651e50-FRA

GET
H3 200 jquery-3.6.0.min.js Show response
rqgourxmjie.click/js/ 164 KB
42 KB 912ms
912ms Script
application/javascript 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rqgourxmjie.click/js/jquery-3.6.0.min.js

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08588a48dc554716172416f033d98ad07f92315987fafbd81c17569e352f402f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 20867ddf-142f-4938-b67a-87f13ac337bf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: W/"2e488838f36301b2db2954f9319ea228"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylbaC7eOj6N8lNkz%2Frv%2BTjOoIWxp2iX05RKUknztAWDMXHxd0vHS6lWFKjMpryRsgx6Cc2yVTC30wgu%2FP8XQJsd9llVm96ZPyYyJkiz4dcwyZ%2BdXMvdYhwtuCn4BcuazByTORQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a351dd039661e50-FRA

GET
H3 200 psl.min.js Show response
rqgourxmjie.click/js/ 244 KB
43 KB 597ms
596ms Script
application/javascript 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rqgourxmjie.click/js/psl.min.js

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0fb42308470c09b39d7f26c36aa1efcbe792af7ed5f08aca20de4dc9eb793a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8940175f-e99a-4596-9ac1-708778ece6ca
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: W/"4d0a082eb16b60bc3b84e0fb9603e80f"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1WlZ6vDxh2nBsHs2LiAB0VntdJBAmsSahwohLaGKAWNVeP5n%2BtItYM28%2FmXwhCwbRrSQkejmjdS5E%2BJM9FqIWxXWNBB1IO3xn5Uf%2BjqpVdv3nYMv7%2BQf4r41heJ5Nz59ojEBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a351dd38ce41e50-FRA

GET
H3 200 main.js Show response
rqgourxmjie.click/js/ 21 KB
4 KB 764ms
763ms Script
application/javascript 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rqgourxmjie.click/js/main.js

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab6823bf841623f37dc42b3c1f65adb78aec12b60a8d62c0a557b32edb98a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: a2bddc23-24ae-4eb8-a593-99d698d59e88
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: W/"d7340247ea8b7987c56337c8bd7bdcc6"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kr8IBlXyWgdPfjnpEvNJeIqhNzlWtw9e29iu9ct7pOgPnsfL5nabWiV2xmyNIfQcIlnX%2BtS4km2VUKoNlwoAvMBgQW%2BiKEtOeY8ho0zWbNcg%2Bpvt2FaumiZmcpskypB1zLBFDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a351dd38ce61e50-FRA

GET
H3 200 pixel.js Show response
rqgourxmjie.click/ 572 B
769 B 66ms
66ms XHR
text/plain 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rqgourxmjie.click/pixel.js
Requested by: Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76da2180173353505308ddab868345148c49b7714538296cb412a775bf187831

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDVWM8vTohgMVw8IJw0jtS8gev2Bw64ETABhtiw8ypQfY7Vy9r0ORMJ67Ntew8StiL8BUveqzDEet4ZK02v1RMM5KeRomDh4NlHtGVJfkQn%2FIv%2F%2Fwh%2B8Pyi4V5fDbfyCLiC3Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
cf-ray: 8a351dd31c5b1e50-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 129ms
42ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 22:58:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: MvC3B+fY5VTekrV1HUM5qTXR6bnsXb6g1Hdv6482DV8oZqPXvqHBebktc71hfc/Ji94o3zWMdfhQHVtUD1flBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 background.webp
rqgourxmjie.click/images/ 13 B
610 B 612ms
611ms Image
image/webp 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rqgourxmjie.click/images/background.webp

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 3e8d005e-8c35-4b27-9190-32476cef0492
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
content-length: 13
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: "0c07e94d60bf81dd84c35092d9c243a7"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cs%2FRFEfWxa98oOk8jnkWDMl3GRgqm0UtMEQgzqanOJ0l0Fp8f9VsJdrI2yK%2BCuWCGyAEQuGQ9JhnwBaN19cYwBPeTQEBJ7HLuGOgCKDlWpdVCdsXHGfUwyrKbUbY%2FE3%2BB9h67A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a351dd38ce71e50-FRA

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
806 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1539fef7bca2990ec60bbc31d0e5d41630e4bab997fcbeee701b14df9e9ad13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 22:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 21:50:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 22:58:16 GMT

GET
H3 200 bj.webp
rqgourxmjie.click/images/ 3 KB
3 KB 465ms
465ms Image
image/webp 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rqgourxmjie.click/images/bj.webp

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ef25bc2c012c29d0387e58e9ecbaca05b0c69f838bb419d5947ac032f4f8efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rqgourxmjie.click/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: bd38271a-007e-4b5f-8ca7-00e66a0bcd8e
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc: h3=":443"; ma=86400
content-length: 2698
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2024 22:30:45 GMT
server: cloudflare
etag: "edc9544dda487d363ebec6d5529b7faa"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewl%2BhyYCa9%2FiPEhu6jYsAOdUvgjiIvF3ujgqB41ixXn2T8QBc92o1%2FwViYSBgAUKOPYyq9a6950G6FhaHjix4LzYxwR8OsLqTBVR7SqqbivGyUWVbY6Ap4NNFV8ZEWMbOJzYMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a351dd3ad041e50-FRA

GET
H3 200 flags.f73aa829.png
rqgourxmjie.click/regform/img/ 69 KB
70 KB 105ms
105ms Image
image/png 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rqgourxmjie.click/regform/img/flags.f73aa829.png
Requested by: Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:16 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Apr 2024 12:34:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6630e562-114c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9b4sa86yBVZCjYhSbg3UdOLlhn%2F0XUMHYblo6snK%2BzzGnFNM7MySTdjfzZJfnfH7nCSG3wVW0jNUJQxNGHK1FYGdmvb58l%2Bfn1M2bGd%2BzbM%2FQ2jPkelwlPcQSnChWO63oxv9Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
accept-ranges: bytes
cf-ray: 8a351dd3ad061e50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 70857

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rqgourxmjie.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 14:59:39 GMT
x-content-type-options: nosniff
age: 460717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15240
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:45:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 14:59:39 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w3aXpsog.woff2
fonts.gstatic.com/s/montserrat/v26/ 13 KB
14 KB 142ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w3aXpsog.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1acaf21dbcf20a10a1638489f511c1031a198e0a0c4031099b9c1791fc534ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rqgourxmjie.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:16:22 GMT
x-content-type-options: nosniff
age: 477714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13792
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:42:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 10:16:22 GMT

GET
H2 200 1801871363590185 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 256ms
256ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1801871363590185?v=2.9.161&r=stable&domain=rqgourxmjie.click&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64e31b71b96debbf8fa794bd4aa815253e8581301c97b8e4d7178120ba5af211

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 22:58:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=65, mss=1297, tbw=64195, tp=-1, tpl=-1, uplat=216, ullat=0
pragma: public
x-fb-debug: i5vvScem2mcMOkb06n4ZMap45Fu84FA1DscsqwkfpXtm4Jkabi5zaHSFULpe6uzQH8oPOqFQUEeRv8PbQZhT2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 127ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1801871363590185&ev=PageView&dl=https%3A%2F%2Frqgourxmjie.click%2F&rl=&if=false&ts=1720997896729&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720997896727.820348185796991946&ler=empty&cdl=API_unavailable&it=1720997896456&coo=false&rqm=GET

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2813, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jul 2024 22:58:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 298ms
210ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1801871363590185&ev=PageView&dl=https%3A%2F%2Frqgourxmjie.click%2F&rl=&if=false&ts=1720997896729&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720997896727.820348185796991946&ler=empty&cdl=API_unavailable&it=1720997896456&coo=false&rqm=FGET

Requested by

Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x16659fe2aa473904","source_keys":["1","2"]},{"key_piece":"0x5d5f957702eb0697","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 14 Jul 2024 22:58:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391629680660132574", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=3131, tp=-1, tpl=-1, uplat=168, ullat=0
pragma: no-cache
x-fb-debug: CgrvFRjriX9jpb0n6wnKgxA9nc/lNnmzSsn8ZDU5NDwq7W+uQHhG5uAQjcP9WnlFx2mxLNhYQ0Dh8jqu3wH+Sw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391629680660132574"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

main.js Show response
rqgourxmjie.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 057A
Redirect Chain

https://rqgourxmjie.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rqgourxmjie.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
4 KB

46ms
46ms

Script
application/javascript

172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rqgourxmjie.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Protocol

Server

172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8a3d795fa8fa1e99a491c5b92f47e128184daa8498eaf475d456bc1725f70a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgI1%2FpjSQRYG0v1WpR3Z8147Vbb2FJjdnHzUsZrdmKxF8ljzO33eiHegpjmrA6TR5a4g%2F4ZuwOnCwyofgARcV7WPGnhQiyvER86sqzqUyQfQYxs7lrMgny3bbJHGz7U27M9v2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
cf-ray: 8a351dd8ba061e50-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 14 Jul 2024 22:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuUmRI2FPk4q9SqD%2Flld9FSEeTS%2FAqFs646OD4%2FuA70d82f4MqBbkLZACj4YXmXRyNIOakc863dPZAFGbteXydDmRLQ3O3%2FdfGrCDlHZHZI4WE8LWK4k9UNi7X9mbPHlmiU%2BhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
cf-ray: 8a351dd869bf1e50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 404 favicon.ico
rqgourxmjie.click/ 139 B
552 B 476ms
476ms Other
text/html 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rqgourxmjie.click/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30dbd7b5e633819b6e4610d1b2b1307c613621adf423dbf5437e95de95d3aa17

Request headers

Referer: https://rqgourxmjie.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 22:58:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnfJe4x2%2FLGtKy7tCWjy9Up%2BMZIKT%2FRlVSjDt7BW%2Fn2dRq2EOFPX3kaUNiFTgVeCDGgklvx%2BRSNqq7g8Q6C%2FweWsVMim6yS36cIJBdhXun7qOebCG1aKf1Zdixf1z7hoAASAaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
x-form-version-id: 0b6bb1e6-805a-4a7e-841d-febbb14d10af
cf-ray: 8a351dd889df1e50-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 8a351dcbbd093828 Show response
rqgourxmjie.click/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 057A 0
697 B 61ms
55ms XHR
text/plain 172.67.157.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rqgourxmjie.click/cdn-cgi/challenge-platform/h/g/jsd/r/8a351dcbbd093828
Requested by: Host: rqgourxmjie.click
URL: https://rqgourxmjie.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 22:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrYp%2FyAD%2FvDB%2FKtYwVoA6Nr5w8Y5zqMpecZ%2FBpqsRWBdnAjzhSSXxx0lhyIN%2FnBFgoqhou%2B3FImIjBdPFeJ2V3r4KcGG6UjpV%2B7UIczF6qtsV4u7f01WeIXDE0l4CnnBwG63Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8a351dd96aab1e50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rqgourxmjie.click/	1970-01-20 22:46:29	Name: tr_uuid Value: f9fdd4cd-f6b0-4694-843d-37dd10d15bad
.rqgourxmjie.click/	1970-01-21 00:12:53	Name: _fbp Value: fb.1.1720997896727.820348185796991946
.rqgourxmjie.click/	1970-01-21 06:48:53	Name: cf_clearance Value: NAv1HFILtqILByWbVWT7Vl_lqWrnFRl_Rc_PVqFrBBw-1720997897-1.0.1.1-YLX7pY7dHN3YaVQvznWJok45o82gbE_t3RvprRCOFbCKA7SgwJmW5cxqNG.RxI4PKzgGcDGOWcWKyLwlc_jejQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rqgourxmjie.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
rqgourxmjie.click
unpkg.com
www.facebook.com
www.rqgourxmjie.click
172.67.157.120
2606:4700:3030::ac43:9d78
2606:4700::6811:f9cb
2a00:1450:4001:808::200a
2a00:1450:4001:829::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::485
00ec236a500d137326b05af24d0e076d5f90fd78f44ae7e184a9556e899b534a
08588a48dc554716172416f033d98ad07f92315987fafbd81c17569e352f402f
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0ef25bc2c012c29d0387e58e9ecbaca05b0c69f838bb419d5947ac032f4f8efa
12cf74844a93e14c76a076c334bfa1027ac11b4bc4f19247829145cde9d63aac
14a5671a39d511379efffa503cd9e9bcdaa4f0588d8ea22113e50955e4388370
1539fef7bca2990ec60bbc31d0e5d41630e4bab997fcbeee701b14df9e9ad13c
27a6ac0da39fc346d8f7420588ecbc39986207b7b2fd24158d29d33a44849770
29e461b3a66dfb905a602e4c0ea68a1e541100deee2cb8f385f15607f162f914
30dbd7b5e633819b6e4610d1b2b1307c613621adf423dbf5437e95de95d3aa17
350782cf30c54fdd0e12bbcfa291a4da65ad1548a55b8a97958e00f26438919f
36b10d3b4920592a4ec26c064c429e9a3dfb4689235fdfc91e1736b681c76786
446408ef19b0db2835e59668476ba548c11c4f93fced6061ffebc5cbda8f110b
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
515a7ac0444476659e6e971f647bb40d28a7e452e086dc1841cbf125ae205811
64e31b71b96debbf8fa794bd4aa815253e8581301c97b8e4d7178120ba5af211
6d8a3d795fa8fa1e99a491c5b92f47e128184daa8498eaf475d456bc1725f70a
76da2180173353505308ddab868345148c49b7714538296cb412a775bf187831
7ab6823bf841623f37dc42b3c1f65adb78aec12b60a8d62c0a557b32edb98a92
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
d1acaf21dbcf20a10a1638489f511c1031a198e0a0c4031099b9c1791fc534ad
e0fb42308470c09b39d7f26c36aa1efcbe792af7ed5f08aca20de4dc9eb793a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

rqgourxmjie.click Open in urlscan Pro 2606:4700:3030::ac43:9d78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

93 %HTTPS

88 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

628 kBTransfer

2095 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

rqgourxmjie.click Open in urlscan Pro
2606:4700:3030::ac43:9d78 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

93 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

628 kB
Transfer

2095 kB
Size

3
Cookies

27 HTTP transactions
0 data transactions