ertrytj94.threeapples.workers.dev Open in urlscan Pro
2606:4700:3033::6815:490b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ertrytj94.threeapples.workers.dev/
Submission: On October 16 via api (October 16th 2024, 12:29:10 pm UTC) from US — Scanned from DE

Summary HTTP 143 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 17 domains to perform 143 HTTP transactions. The main IP is 2606:4700:3033::6815:490b, located in United States and belongs to CLOUDFLARENET, US. The main domain is ertrytj94.threeapples.workers.dev.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.

This is the only time ertrytj94.threeapples.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::6815:490b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.225.248 2.19.225.248	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
29	163.181.92.181 163.181.92.181	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	172.67.136.235 172.67.136.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
24	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
7	2.17.190.130 2.17.190.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	47.243.203.231 47.243.203.231	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	159.138.232.14 159.138.232.14	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
2	184.28.88.244 184.28.88.244	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.214.136.108 35.214.136.108	15169 (GOOGLE) (GOOGLE)
143	25

2 2606:4700:3033::6815:490b (United States)

ASN13335 (CLOUDFLARENET, US)

ertrytj94.threeapples.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

bbbb.airnasusa.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.225.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-225-248.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 163.181.92.181 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

fs.mingpao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.136.235 (United States)

ASN13335 (CLOUDFLARENET, US)

ertrytj94.threeapples.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

bbbb.airnasusa.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5751df832b90a0a09a676a4b506e5c1e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.17.190.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-190-130.deploy.static.akamaitechnologies.com

cdn.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl-avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 47.243.203.231 (Hong Kong, Hong Kong) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.138.232.14 (Chon Buri, Thailand)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-159-138-232-14.compute.hwclouds-dns.com

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.28.88.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-244.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 5751df832b90a0a09a676a4b506e5c1e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	379 KB
31	airnasusa.cf bbbb.airnasusa.cf	766 KB
29	mingpao.com fs.mingpao.com — Cisco Umbrella Rank: 395129	2 MB
7	innity.net cdn.innity.net — Cisco Umbrella Rank: 44699 media.innity.net — Cisco Umbrella Rank: 86438 ssl-avd.innity.net — Cisco Umbrella Rank: 64836 avd.innity.net — Cisco Umbrella Rank: 47433	20 KB
6	innity.com 1 redirects avd.innity.com — Cisco Umbrella Rank: 35731 as.innity.com — Cisco Umbrella Rank: 26579 optimize2.innity.com Failed	5 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	182 KB
3	workers.dev ertrytj94.threeapples.workers.dev	22 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 557	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	83 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	184 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 399	183 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	gstatic.com www.gstatic.com
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 4785
143	17

	Domain	Requested by
32	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ertrytj94.threeapples.workers.dev pagead2.googlesyndication.com
31	bbbb.airnasusa.cf	ertrytj94.threeapples.workers.dev bbbb.airnasusa.cf
29	fs.mingpao.com	ertrytj94.threeapples.workers.dev
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ertrytj94.threeapples.workers.dev
5	avd.innity.com	1 redirects cdn.innity.net ertrytj94.threeapples.workers.dev
3	cdn.innity.net	securepubads.g.doubleclick.net cdn.innity.net ertrytj94.threeapples.workers.dev
3	securepubads.g.doubleclick.net	bbbb.airnasusa.cf securepubads.g.doubleclick.net
3	ertrytj94.threeapples.workers.dev	ertrytj94.threeapples.workers.dev
2	ads.pubmatic.com	ertrytj94.threeapples.workers.dev ads.pubmatic.com
2	ssl-avd.innity.net	ertrytj94.threeapples.workers.dev
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	ertrytj94.threeapples.workers.dev connect.facebook.net
2	www.googletagmanager.com	ertrytj94.threeapples.workers.dev www.googletagmanager.com
1	x.bidswitch.net	ertrytj94.threeapples.workers.dev
1	avd.innity.net	ssl-avd.innity.net
1	media.innity.net	as.innity.com
1	as.innity.com	cdn.innity.net
1	5751df832b90a0a09a676a4b506e5c1e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	www.google.de	ertrytj94.threeapples.workers.dev
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.gstatic.com	bbbb.airnasusa.cf
1	s7.addthis.com	ertrytj94.threeapples.workers.dev
0	optimize2.innity.com Failed	ertrytj94.threeapples.workers.dev
143	25

This site contains links to these domains. Also see Links.

Domain
member.mingpao.com
bbbb.airnasusa.cf
facebook.com
fs.mingpao.com
www.mingpao.com

Subject Issuer	Validity	Valid
threeapples.workers.dev WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
airnasusa.cf WE1	`2024-09-11` - `2024-12-10`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-25` - `2024-10-23`	3 months	crt.sh
*.mingpao.com Go Daddy Secure Certificate Authority - G2	`2023-10-21` - `2024-11-21`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.de WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-29` - `2025-01-03`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ertrytj94.threeapples.workers.dev/
Frame ID: F4F76B75D5E490FEB28F1805F604B748
Requests: 94 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/page.php?adapt_container_width=true&app_id=881937541953801&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6d843fd305fefb5e%26domain%3Dertrytj94.threeapples.workers.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fertrytj94.threeapples.workers.dev%252Ffaf8305b469649e42%26relation%3Dparent.parent&container_width=300&height=130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fmingpaomonthly&locale=zh_TW&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=
Frame ID: F0520E808AD28371A0933CB0E4FA9158
Requests: 1 HTTP requests in this frame

Frame: https://5751df832b90a0a09a676a4b506e5c1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B10071E9818134020229A5EAFF0DBF3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvL8RCD97cZVCjxCqTM-aXcBspOV06PAq5zOCj8o9VoIU_IrR1zZh9Gcf0QLGWx3pLtNfgCeRNJOceoZFLzxKo15HtpvgK9IvC-hS6H2D77vO93xHorB8u37gQZTDfxQqX_N9faKub6-mgRaxTZIbjprNy5EtcNuMa83ayDj1ASTRIzvTargrocK0D1tUU2YHQ0xmKrYtqGxmw71olR3_p6q-wq55Agtz3DzTeRHXFYe7FYX6SfLIhDbW5FJPo-BYf9Ww0gIfEx7wybHDY_HJdKjLmUQezfR40XNvC-p_Zv_sbWfJKFF4tCV0PZGwhEsnuifPyFyujj8Cjsj0S_TG2oOjDdbAlzaL691ldfZ2yUBOEoQiNnT8hWHhE4pFpG3aTP8uz31ufvqh2791LM7XZDlbPjyen3rjOO-tjEtDykiQBXKAYDWcnzwRyYRD5gIpYYSCg&sig=Cg0ArKJSzFuT9K3cZ3UCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: FD7BF4C456B585065A50AEA6747B1991
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst3hYj0mJSeL9_y_zt7kS3tgrw-CwBvGsLxGGsQCO4FOzglcWEc3x7GNjCgAbaNluRGJSKsXOpxMeHQJLciehNbTq2HPBDJ5b-PNhc4cJxVOf5na4OGPFTDmxR4H3j9vtzoK5cmnqIEG3iISchTut_WCwH-PU_9hVaF2cCrUL0fOcI7fKZ9KqGl30lv1hpgAlt9Yx6IAhOfkeznbpfKvoZJ3YuIxFlNN-kR0hvV9YOuGlKJIkd5eqHQXZOPldIg7-SOuBKP2uOisIoyRA8ulMs4r1c_0rhZYUn6dU1g-qsKOzGzscToov02Q44U16PUX6NvWGqnlOVKETutjAI2mUTTJiG0jnbL4KA5zbDmmppRMzKRUa6XUpe3e1e2xWg1BHG8VBcLEw6Ge_11rifMIGfMCdH-V8aZV5l26u8_3D1MSKmmYJn2cBOG25UHC-Vu0_s98wk5v0QgwHDQwC9KOOno4OWFkHAl_pJQMv99&sig=Cg0ArKJSzJZnmD_uFtX3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9D6EA4B845F0ED8ACA04734DA68C829B
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 456662E034DC58611F2F77AEF8EF4E41
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvrW-mSx9TV0-Gp5H1X8tSN41uvZnI7crZmL4I0PQVdUex8ATDRZVRo_5vubUL1HkDVZwvW1mPO-Os4I8OZlFEN2Qdke8LSTgG5uHSUWQm2k-yHMtcZZHPuEycgA24ghBRFbIm4z3XaiBM-E_9hjxTr2o0SWaLnl48yAl7q_pCig5n05shkM2M39ma5R59sHEdS0_vwXNJRKuTuktJydm_wcUHBWlQS7lmZ9SvNlyCs_KtA0OlxtkCq9t73drrdOhrndlugZ_YrvUZsVrmoDfC_gtcPwBXoekPvNAaP3grvE0ZUy161IwwDqBdJ5A6rLf3dk84W8gt09RULRLkS0u5_yc0fxUdvANEkfeqMjc3lcFrytr_dYPxxubDjFpUADX1ONT-aExJJHj-kCzObIdDONp6zGjZbLulMKgDNvaRf2od60HLZr0xvX3PAMG2XU96Tg7zky322B3yb86FgX71bVsrZ33ugV7G7&sig=Cg0ArKJSzI7RG233RBJyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9ECF047FEA433629C6E940F6DCDF582E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvWtd9xswQuR7suQ9UlRrGlQzHHDaoiQQ3MbgQuCzli8PIKGcnnPwvefXjvtKhbKyRkz95EW-GmbePmGj4Y2k6-_TtgBrmF-ItkzB1_1VQM3OGOMKMvOIJKQ9g40DFF_doNZTMGUuiSE2sS2Z8sGpF2Uq9xTJA2KSABdEIiigms02n8DB56WYdd89Et3acbiefmlDHD1g7j0Ce7WURzpz5OR9Buf1lFO1AjpZpyeI8m81iEZ1XEyHTflTrA8S3Xo3eEh40b4xfCpz2JKFmu0K9yTDamprICUh7wPiwloS7MlLoK1YnGFah-nZOvtsvPxi3ouje3XNOJpGpxpO7g-ddaNRRQjsqblM-P8dM-qIO1_CloUq57Vl3_-QuSrUvqP9B1KFoNiKRjARTZzeAQz24E57QD3ovm9poDDTFUrvrRGp7_tilMQPl4a69NYtP4tV2YsCr0W4f6YUkMLPGOr-AiVMOHqMxK&sig=Cg0ArKJSzCxyEi9H9fFcEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: CF1E1CC41A6463C733E3CB84BEC2E6B3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu34pebeTfKFH-Xy2AWG2WFIws8lvT6BURT1N34bAp0F1m_tshY7ZLsngZollLnzqMf5kSYjIMh-TYRE4xtujAkm_PGd4EADiRcdrH9AfX-wPL0XvwN7k0BZrP4C-zA4L2Zz9hmQ9CUpaD5grA8i_A2MkBXM5YGqxGpDubGOmvV_jjuyooGgG1CvcejokkH_ai0y5XEW3YYALjavcAzhDamuCxCT5mZAy1vuXkw0pCFkzsVjvbxiO8pouMoKEtgI3XhakpgI0fTS-NBfnLvDZ30h67Rbg0jWUF24RrbR7ROpGi2U4Kf9Bh4uqrytrXP8HurC3U8iZgLN4jVUvZasd_73_Rask9tKXNQdtXZ5UwScVHgIOU82Xk07S0Z9J3yTjcMyM2PIyDmHOAMr_DliN2wRp3pkfmJGC_Kv09V56zGXO8sN9kp0XsMGfQIhUlpLzzJo5h34FQjHYF_GyFZQJRUPX_zwbOvdGgv&sig=Cg0ArKJSzCXiDAMMfHJqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E670CB8461581DB8DE293C645F2272C5
Requests: 7 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: C12C205663C5EF3702729FD4579C50D3
Requests: 5 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Frame ID: DDCF9E8576BD406BA8CDB24C11C83C0E
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1729081748834
Frame ID: 6C6720538F01A2ADF0289F2A4B0312D9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: C8F9D8430E3DCDD98A99264B12612C0C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

明報月刊

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

143
Requests

92 %
HTTPS

42 %
IPv6

17
Domains

25
Subdomains

25
IPs

6
Countries

3734 kB
Transfer

6640 kB
Size

21
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://member.mingpao.com/cfm/privacy1.cfm
Title: 了解更多

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%8D%B7%E9%A6%96%E8%AA%9E/2024-10/1727405778032/%E5%9F%B9%E9%A4%8A%E6%88%B2%E8%BF%B7%E6%92%90%E8%B5%B7%E7%B2%B5%E5%8A%87%EF%BC%88%E9%99%B3%E9%8C%A6%E5%BC%B7%EF%BC%89
Title: 培養戲迷撐起粵劇（陳錦強）

Search URL Search Domain Scan URL

URL: https://facebook.com/mingpaomonthly

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/login
Title: 訂戶登入

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/register
Title: 新登記

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/issuelist
Title: 《明報月刊》

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E5%B0%88%E9%A1%8C%EF%BC%8E%E7%89%B9%E8%BC%AF
Title: 專題．特輯

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E7%89%B9%E7%A8%BF%EF%BC%8F%E5%B0%88%E7%A8%BF
Title: 特稿／專稿

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E5%8D%B7%E9%A6%96%E8%AA%9E
Title: 卷首語

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E6%89%B9%E8%A9%95%E8%88%87%E5%9B%9E%E6%87%89
Title: 批評與回應

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E4%BA%BA%E7%94%9F%E5%B0%8F%E8%AA%9E
Title: 人生小語

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B
Title: 社會．時事

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E5%BF%83%E7%94%B0%E9%9B%86
Title: 心田集

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E6%96%87%E5%AD%B8%EF%BC%8E%E8%97%9D%E8%A1%93
Title: 文學．藝術

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E6%80%9D%E6%BD%AE%EF%BC%8E%E5%8B%95%E5%90%91
Title: 思潮．動向

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E6%AD%B7%E5%8F%B2%EF%BC%8E%E4%BA%BA%E7%89%A9
Title: 歷史．人物

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A
Title: 生活．資訊

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E8%AA%9E%E6%96%87%EF%BC%8E%E6%9B%B8%E8%A9%B1
Title: 語文．書話

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E5%AD%B8%E8%8B%91%E6%98%A5%E7%A7%8B
Title: 學苑春秋

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E6%96%B0%E6%9B%B8%E8%A8%8A
Title: 新書訊

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E6%96%87%E5%8C%96%E7%B6%B2%E7%B5%A1
Title: 文化網絡

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/category/%E9%99%84%E5%86%8A%EF%BC%9A%E6%98%8E%E6%9C%88%E7%81%A3%E5%8D%80
Title: 附冊：明月灣區

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author
Title: 作者

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/emagazine
Title: 《明報月刊》Emag

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/gbaspecials
Title: 報章專頁

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/gbaculture
Title: 文化附冊

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%AD%B8%EF%BC%8E%E8%97%9D%E8%A1%93/2024-10/1727408586154/%E6%AF%9B%E4%BF%8A%E8%BC%9D%E7%9A%84%E9%A6%99%E6%B8%AF%E6%83%85%E6%87%B7%EF%BC%88%E8%91%89%E5%9C%8B%E5%A8%81%E8%A8%AA%E5%95%8F%E3%80%81%E6%95%B4%E7%90%86%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%AD%B8%EF%BC%8E%E8%97%9D%E8%A1%93/2024-10/1727422094650/%E3%80%8C%E8%B1%A1%E5%A4%96%E4%B9%8B%E5%A2%83%E3%80%8D%E6%B0%B4%E5%A2%A8%E9%87%91%E5%BA%B8%E5%80%8B%E5%B1%95%EF%BC%88%E6%9D%8E%E5%BF%97%E6%B8%85%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%AD%B8%EF%BC%8E%E8%97%9D%E8%A1%93/2024-10/1727422335209/%E5%BF%83%E9%9D%88%E7%9A%84%E9%A2%A8%E6%99%AF%E2%80%94%E2%80%94%E6%9D%8E%E5%AD%90%E7%8E%89%E9%A6%99%E6%B8%AF%E7%95%AB%E5%B1%95%EF%BC%88%E6%A5%8A%E6%9B%89%E9%9B%AF%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%AD%B7%E5%8F%B2%EF%BC%8E%E4%BA%BA%E7%89%A9/2024-10/1727409794655/%E6%AD%8C%E8%AA%AA%E5%9B%9B%E5%B1%86%E4%BA%9E%E6%B4%B2%E5%BD%B1%E5%90%8E%E2%80%94%E2%80%94%E6%9E%97%E9%BB%9B%EF%BC%88%E8%89%BE%E5%8A%9B%EF%BC%89

Search URL Search Domain Scan URL

URL: https://fs.mingpao.com/mpm/settings/s00036/924540c0b24be315fb9b9f7b6688baad.pdf

Search URL Search Domain Scan URL

URL: https://fs.mingpao.com/mpm/settings/s00037/50dbc07fadf0ffc44b5ec3c67adb5e70.pdf

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/promotion/details/1591167623471

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/promotion/details/1600051171135

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/promotion/details/1592186879452

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/promotion/details/1660203740689

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%99%B3%E9%8C%A6%E5%BC%B7
Title: 陳錦強

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727408271240/%E9%A6%99%E6%B8%AF%E6%94%B9%E9%9D%A9%E7%9A%84%E7%AA%81%E7%A0%B4%E5%8F%A3%E5%9C%A8%E5%93%AA%E8%A3%8F%EF%BC%9F%EF%BC%88%E9%AD%8F%E9%96%8B%E6%98%9F%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%AD%8F%E9%96%8B%E6%98%9F
Title: 魏開星

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727408807888/%E4%B8%AD%E5%9C%8B%E7%89%B9%E8%89%B2%E7%A4%BE%E6%9C%83%E4%B8%BB%E7%BE%A9%E7%8F%BE%E4%BB%A3%E5%8C%96%E7%9A%84%E9%A6%99%E6%B8%AF%EF%BC%88%E7%B4%80%E7%A2%A9%E9%B3%B4%EF%BC%89
Title: 中國特色社會主義現代化的香港（紀碩鳴）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727409499145/%E8%AA%B0%E6%98%AF%E6%B5%B7%E5%A4%96%E5%93%88%E8%96%A9%E5%85%8B%E4%BA%BA%EF%BC%9F%E2%80%94%E2%80%94%E7%94%9F%E6%B4%BB%E5%9C%A8%E5%90%8C%E9%A1%9E%E7%95%B6%E4%B8%AD%E7%9A%84%E3%80%8C%E7%95%B0%E9%A1%9E%E3%80%8D%EF%BC%88%E7%B4%8D%E6%89%8E%E7%88%BE%E6%8B%9C%EF%BC%8E%E8%91%89%E7%88%BE%E8%82%AF%EF%BC%89
Title: 誰是海外哈薩克人？——生活在同類當中的「異類」（納扎爾拜．葉爾肯）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727409986132/%E9%98%BF%E9%87%8C%E5%B7%B4%E5%B7%B4%E6%95%B4%E9%A0%93%E6%94%B9%E9%9D%A9%E5%AE%8C%E6%88%90%E7%9A%84%E5%95%9F%E7%A4%BA%EF%BC%88%E6%9B%BE%E6%B7%B5%E6%BB%84%EF%BC%89
Title: 阿里巴巴整頓改革完成的啟示（曾淵滄）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727410200289/%E8%AB%87%E3%80%8C%E5%BE%B7%E6%8B%89%E5%90%89%E5%A0%B1%E5%91%8A%E3%80%8D%E2%80%94%E2%80%94%E6%AD%90%E6%B4%B2%E5%85%B1%E5%90%8C%E5%B8%82%E5%A0%B4%E7%9A%84%E7%8F%BE%E5%AF%A6%E8%88%87%E6%9C%AA%E4%BE%86%EF%BC%88%E9%99%B3%E5%81%89%E4%BF%A1%EF%BC%89
Title: 談「德拉吉報告」——歐洲共同市場的現實與未來（陳偉信）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727410513314/%E6%B3%B0%E5%BC%8F%E6%94%BF%E6%B2%BB%E5%8A%87%E2%80%94%E2%80%94%E4%BB%96%E4%BF%A1%E8%88%87%E8%BB%8D%E6%96%B9%E4%BF%9D%E5%AE%88%E6%B4%BE%E5%8D%9A%E5%BC%88%E9%80%BE%E4%BA%8C%E5%8D%81%E8%BC%89%EF%BC%88%E8%95%AD%E5%81%89%E5%9F%BA%EF%BC%89
Title: 泰式政治劇——他信與軍方保守派博弈逾二十載（蕭偉基）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727410637040/%E9%8C%A6%E6%9D%BE%E6%BC%AB%E8%A9%95%EF%BC%88%E7%8E%8B%E9%8C%A6%E6%9D%BE%EF%BC%89
Title: 錦松漫評（王錦松）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727410789448/%E9%A6%99%E6%B8%AF%E9%A0%88%E5%AF%A9%E6%85%8E%E6%87%89%E5%B0%8D%E7%BE%8E%E5%9C%8B%E7%B8%BD%E6%94%BB%E5%8B%A2%EF%BC%88%E5%8A%89%E9%8A%B3%E7%B4%B9%EF%BC%89
Title: 香港須審慎應對美國總攻勢（劉銳紹）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2024-10/1727418776124/%E7%89%BD%E5%88%B6%E6%97%A5%E6%9C%AC%E4%BB%8B%E5%85%A5%E5%8F%B0%E6%B5%B7%EF%BC%9F%E2%80%94%E2%80%94%E4%B8%AD%E5%9C%8B%E3%80%8C%E7%90%89%E7%90%83%E7%89%8C%E3%80%8D%E7%9A%84%E4%BE%86%E9%BE%8D%E5%8E%BB%E8%84%88%EF%BC%88%E4%B8%8A%EF%BC%89%EF%BC%88%E6%9E%97%E6%B3%89%E5%BF%A0%EF%BC%89
Title: 牽制日本介入台海？——中國「琉球牌」的來龍去脈（上）（林泉忠）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%99%B3%E5%81%89%E4%BF%A1
Title: 陳偉信

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E6%9E%97%E6%B3%89%E5%BF%A0
Title: 林泉忠

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%87%91%E8%81%96%E8%8F%AF
Title: 金聖華

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%8D%BE%E7%8E%B2
Title: 鍾玲

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E5%BC%B5%E6%9B%89%E9%A2%A8
Title: 張曉風

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%99%B3%E5%BB%A3%E7%90%9B
Title: 陳廣琛

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E6%9D%8E%E5%BF%97%E6%B8%85
Title: 李志清

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%BB%83%E9%B3%B3%E7%A5%9D
Title: 黃鳳祝

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E6%9B%BE%E7%91%9E%E6%98%8E
Title: 曾瑞明

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E6%BD%98%E8%80%80%E6%98%8E
Title: 潘耀明

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%BF%83%E7%94%B0%E9%9B%86/2024-10/1727422558186/%E5%88%9D%E8%AD%98%E9%87%91%E9%8A%93%EF%BC%88%E9%8D%BE%E7%8E%B2%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%BF%83%E7%94%B0%E9%9B%86/2024-10/1727422681486/%E6%9C%80%E9%9B%A3%E5%BF%98%E6%87%B7%E9%82%A3%E4%BA%9B%E5%B9%B4%EF%BC%88%E4%B8%8A%EF%BC%89%EF%BC%88%E9%87%91%E8%81%96%E8%8F%AF%EF%BC%89
Title: 最難忘懷那些年（上）（金聖華）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%BF%83%E7%94%B0%E9%9B%86/2024-10/1727422776856/%E4%BD%A0%E8%87%B3%E5%B0%91%E8%A6%81%E3%80%8C%E5%91%BD%E5%A5%BD%E3%80%8D%E5%88%B0%E2%80%A6%E2%80%A6%EF%BC%88%E5%BC%B5%E6%9B%89%E9%A2%A8%EF%BC%89
Title: 你至少要「命好」到……（張曉風）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%AD%B8%EF%BC%8E%E8%97%9D%E8%A1%93/2024-10/1727407590007/%E9%84%AD%E6%B7%B5%E6%BD%94%E7%9A%84%E7%AB%A5%E8%A9%B1%E8%88%87%E8%AB%B7%E5%96%BB%EF%BC%88%E9%9B%B7%E6%A8%82%E5%A4%A9%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E9%9B%B7%E6%A8%82%E5%A4%A9
Title: 雷樂天

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%AD%B8%EF%BC%8E%E8%97%9D%E8%A1%93/2024-10/1727419303329/%E6%9C%B1%E4%B9%9D%E7%9C%9F%E7%9A%84%E3%80%8C%E5%A4%A7%E6%B1%9F%E6%9D%B1%E5%8E%BB%E5%B8%96%E3%80%8D%EF%BC%88%E9%82%B1%E5%81%A5%E6%81%A9%EF%BC%89
Title: 朱九真的「大江東去帖」（邱健恩）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%AD%B8%EF%BC%8E%E8%97%9D%E8%A1%93/2024-10/1727421194003/%E5%8F%A4%E5%85%B8%E9%BB%91%E8%86%A0%E5%8F%88%E4%B8%80%E6%98%A5%EF%BC%88%E4%B8%80%EF%BC%89%EF%BC%88%E9%99%B3%E5%BB%A3%E7%90%9B%EF%BC%89
Title: 古典黑膠又一春（一）（陳廣琛）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%80%9D%E6%BD%AE%EF%BC%8E%E5%8B%95%E5%90%91/2024-10/1727409123741/%E5%B0%8F%E5%87%BA%E8%A3%95%E7%AB%A0%EF%BC%9A%E8%B3%87%E6%9C%AC%E4%B8%BB%E7%BE%A9%E5%BC%8F%E7%94%9F%E7%94%A2%E6%96%B9%E5%BC%8F%E5%BF%85%E9%A0%88%E5%BB%A2%E9%99%A4%E2%80%94%E2%80%94%E5%85%A8%E9%9D%A2%E7%9C%81%E5%AF%9F%E8%83%BD%E6%BA%90%E9%81%8E%E5%BA%A6%E6%B6%88%E8%B2%BB%E7%A4%BE%E6%9C%83%20%EF%BC%88%E2%80%82%E9%B9%BF%E9%87%8E%E5%81%A5%E4%B8%80%E3%80%80%E8%A8%AA%E5%95%8F%20%E2%80%82%E9%9F%93%E6%87%89%E9%A3%9B%E3%80%80%E7%BF%BB%E8%AD%AF%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E2%80%82%E9%B9%BF%E9%87%8E%E5%81%A5%E4%B8%80%EF%BC%9B%E9%9F%93%E6%87%89%E9%A3%9B
Title: 鹿野健一；韓應飛

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%80%9D%E6%BD%AE%EF%BC%8E%E5%8B%95%E5%90%91/2024-10/1727410972193/%E6%88%91%E5%80%91%E8%A9%B2%E6%80%8E%E6%A8%A3%E7%9C%8B%E5%BE%85%E6%A9%9F%E6%A2%B0%E4%BA%BA%EF%BC%9F%EF%BC%88%E6%9B%BE%E7%91%9E%E6%98%8E%EF%BC%89
Title: 我們該怎樣看待機械人？（曾瑞明）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%80%9D%E6%BD%AE%EF%BC%8E%E5%8B%95%E5%90%91/2024-10/1727418055999/%E7%BE%8E%E5%9C%8B%E4%BE%8B%E5%A4%96%E8%AB%96%E8%88%87%E8%81%96%E6%88%B0%EF%BC%88%E9%BB%83%E9%B3%B3%E7%A5%9D%EF%BC%89
Title: 美國例外論與聖戰（黃鳳祝）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%80%9D%E6%BD%AE%EF%BC%8E%E5%8B%95%E5%90%91/2024-10/1727418309444/%E9%BB%83%E6%98%A5%E6%98%8E%E2%80%94%E2%80%94%E6%96%87%E5%AD%B8%E9%81%93%E8%B7%AF%E4%B8%8A%E7%9A%84%E8%8B%A6%E8%A1%8C%E5%83%A7%EF%BC%88%E6%BD%98%E8%80%80%E6%98%8E%EF%BC%89
Title: 黃春明——文學道路上的苦行僧（潘耀明）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%AD%B7%E5%8F%B2%EF%BC%8E%E4%BA%BA%E7%89%A9/2024-10/1727406344032/%E4%BA%BA%E7%94%9F%E8%8B%A5%E5%8F%AA%E5%A6%82%E5%88%9D%E8%A6%8B%E2%80%94%E2%80%94%E5%85%AD%E5%8D%81%E5%B9%B4%E5%89%8D%E7%9A%84%E5%B0%8F%E5%AD%B8%E5%90%8C%E5%AD%B8%E5%9B%9E%E6%86%B6%EF%BC%88%E6%B2%88%E5%90%91%E9%99%BD%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E6%B2%88%E5%90%91%E9%99%BD
Title: 沈向陽

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%AD%B7%E5%8F%B2%EF%BC%8E%E4%BA%BA%E7%89%A9/2024-10/1727407853988/%E7%99%BD%E9%A6%96%E7%9F%A5%E9%9D%92%E7%AD%94%E5%AE%A2%E9%9B%A3%EF%BC%88%E5%B4%94%E6%BF%9F%E5%93%B2%EF%BC%89
Title: 白首知青答客難（崔濟哲）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A/2024-10/1727418528708/%E4%B8%89%E6%98%9F%E6%B3%95%E5%BB%9A%E7%9A%84%E4%B8%AD%E8%8F%AF%E6%96%99%E7%90%86%EF%BC%88%E6%9D%8E%E6%98%82%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E6%9D%8E%E6%98%82
Title: 李昂

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A/2024-10/1727419051251/%E3%80%8A%E9%A6%99%E6%B8%AF%E5%90%8D%E9%86%AB%E3%80%8B%EF%BC%88%E9%BB%83%E5%B2%90%EF%BC%89
Title: 《香港名醫》（黃岐）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A/2024-10/1727421429869/%E9%85%92%E7%AA%96%E8%A3%8F%E5%8E%9A%E5%8E%9A%E7%9A%84%E7%81%B0%E5%A1%B5%EF%BC%88%E9%A6%AE%E6%88%88%EF%BC%89
Title: 酒窖裏厚厚的灰塵（馮戈）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A/2024-10/1727421590874/%E6%99%AE%E7%BE%85%E6%97%BA%E6%96%AFGourt%20de%20%E2%80%86Mautens%20%E7%9A%84%E5%A4%A9%E4%B9%8B%E6%BC%8F%EF%BC%88%E9%99%B3%E5%A2%9E%E6%BF%A4%EF%BC%89
Title: 普羅旺斯Gourt de Mautens 的天之漏（陳增濤）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A/2024-10/1727421737859/%E9%87%91%E7%A7%8B%E5%A5%BD%E9%9F%BB%20%20%E7%88%90%E9%8A%9A%E8%88%88%E5%91%B3%EF%BC%88%E6%B1%A0%E5%AE%97%E6%86%B2%EF%BC%89
Title: 金秋好韻爐銚興味（池宗憲）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A/2024-10/1727421928306/%E8%8B%B1%E5%9C%8B%E6%A8%9E%E5%AF%86%E9%99%A2%E5%9C%A8%E9%99%B3%E6%9D%BE%E9%9D%92%E6%A1%88%E7%9A%84%E5%88%A4%E6%B1%BA%EF%BC%88%E8%83%A1%E6%80%9D%EF%BC%89
Title: 英國樞密院在陳松青案的判決（胡思）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E8%AA%9E%E6%96%87%EF%BC%8E%E6%9B%B8%E8%A9%B1/2024-10/1727419598450/%E5%BE%9E%E3%80%8A%E7%A7%A6%E8%85%94%E3%80%8B%E8%8B%B1%E6%96%87%E5%8D%B7%E9%A6%96%E6%B7%BA%E6%9E%90%E5%90%88%E4%BD%9C%E7%BF%BB%E8%AD%AF%EF%BC%88%E7%99%BD%E7%AB%8B%E5%B9%B3%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E7%99%BD%E7%AB%8B%E5%B9%B3
Title: 白立平

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E8%AA%9E%E6%96%87%EF%BC%8E%E6%9B%B8%E8%A9%B1/2024-10/1727419983844/%E8%A6%AA%E5%AD%90%E5%82%BE%E5%81%88%E5%B8%AB%E2%80%94%E2%80%94%E5%A6%82%E4%BD%95%E6%96%BD%E5%B1%95%E8%AA%9E%E8%A8%80%E9%AD%94%E6%B3%95%E4%BF%83%E9%80%B2%E5%85%A9%E4%BB%A3%E6%BA%9D%E9%80%9A%EF%BC%88%E6%AD%90%E9%99%BD%E5%81%89%E8%B1%AA%EF%BC%89
Title: 親子傾偈師——如何施展語言魔法促進兩代溝通（歐陽偉豪）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%8C%96%E7%B6%B2%E7%B5%A1/2024-10/1727423009904/%E3%80%8A%E9%A6%99%E6%B8%AF%E7%B6%93%E5%85%B8%E3%80%80%E5%85%89%E5%BD%B1%E9%87%8D%E5%A1%91%E3%80%8B%20%E6%8F%9A%E5%A8%81%E5%A8%81%E5%B0%BC%E6%96%AF%20%EF%BC%88%E8%80%B6%E6%A0%BC%EF%BC%89

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/author/details/%E8%80%B6%E6%A0%BC
Title: 耶格

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%8C%96%E7%B6%B2%E7%B5%A1/2024-10/1727423116379/%E9%A6%96%E5%B1%86%E9%A6%99%E6%B8%AF%E9%87%91%E9%BD%A1%E8%97%9D%E8%A1%93%E7%AF%80%E4%B9%9D%E6%9C%88%E9%96%8B%E9%91%BC%EF%BC%88%E6%BD%98%E6%B2%9B%E9%9B%AF%EF%BC%89
Title: 首屆香港金齡藝術節九月開鑼（潘沛雯）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E6%96%87%E5%8C%96%E7%B6%B2%E7%B5%A1/2024-10/1727423204089/%E5%8D%91%E8%A9%A9%E7%9C%81%E6%AD%A1%E6%85%B6%E4%B8%AD%E8%8F%AF%E5%82%B3%E7%B5%B1%E6%96%87%E5%8C%96%E5%91%A8%20%EF%BC%88%E8%91%A3%E5%AD%98%E7%99%BC%EF%BC%89
Title: 卑詩省歡慶中華傳統文化周（董存發）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E8%AA%9E%E6%96%87%EF%BC%8E%E6%9B%B8%E8%A9%B1/2020-01/1590997478453/%E3%80%8C%E9%9B%BB%E5%85%89%E7%9F%B3%E7%81%AB%E3%80%8D%E9%82%84%E6%98%AF%E3%80%8C%E9%9B%BB%E5%85%89%E7%81%AB%E7%9F%B3%E3%80%8D%EF%BC%9F%E2%94%80%E2%94%80%E5%85%BC%E8%AB%96%E4%B8%80%E4%BA%9B%E8%BC%83%E5%B8%B8%E8%A6%8B%E7%9A%84%E8%AA%9E%E8%A8%80%E6%96%87%E5%AD%97%E5%95%8F%E9%A1%8C%EF%BC%88%E5%96%AE%E5%91%A8%E5%A0%AF%EF%BC%89
Title: 「電光石火」還是「電光火石」？──兼論一些較常見的語言文字問題（單周堯）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%94%9F%E6%B4%BB%EF%BC%8E%E8%B3%87%E8%A8%8A/2019-11/1590997493538/%E8%85%B9%E9%83%A8%E7%A1%AC%E5%A1%8A%EF%BC%88%E6%A5%8A%E6%97%A5%E8%8F%AF%EF%BC%89
Title: 腹部硬塊（楊日華）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E8%AA%9E%E6%96%87%EF%BC%8E%E6%9B%B8%E8%A9%B1/2019-05/1590997542350/Comfort%20Food%E2%94%80%E2%94%80%E8%88%92%E7%9A%84%E6%98%AF%E5%BF%83%E9%82%84%E6%98%AF%E8%83%83%EF%BC%9F%EF%BC%88%E5%90%B3%E5%AF%8C%E5%BC%B7%EF%BC%89
Title: Comfort Food──舒的是心還是胃？（吳富強）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E7%A4%BE%E6%9C%83%EF%BC%8E%E6%99%82%E4%BA%8B/2020-06/1591093247677/%E5%B0%8D%E7%BE%8E%E4%B8%89%E5%8A%8D%E5%AE%A2%E2%94%80%E2%94%80%E8%83%A1%E9%8C%AB%E9%80%B2%E3%80%81%E9%87%91%E7%87%A6%E6%A6%AE%E3%80%81%E5%96%AC%E8%89%AF%EF%BC%88%E9%A6%AC%E3%80%80%E7%8E%B2%EF%BC%89
Title: 對美三劍客──胡錫進、金燦榮、喬良（馬玲）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%BF%83%E7%94%B0%E9%9B%86/2007-01/1590996702757/%E8%88%8A%E8%A1%A3%E5%86%A0%E3%80%80%EF%BC%88%E5%B0%8F%E6%80%9D%EF%BC%89
Title: 舊衣冠（小思）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%B0%88%E9%A1%8C%EF%BC%8E%E7%89%B9%E8%BC%AF/2020-04/1590997446457/%E7%89%B9%E8%BC%AF%EF%BC%9A%E5%80%9F%E5%94%90%E5%A9%89%E4%B8%89%E5%AD%97%EF%BC%9A%E7%9E%9E%E3%80%81%E7%9E%9E%E3%80%81%E7%9E%9E%EF%BC%88%E5%9A%B4%E6%AD%8C%E8%8B%93%EF%BC%89
Title: 特輯：借唐婉三字：瞞、瞞、瞞（嚴歌苓）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%BF%83%E7%94%B0%E9%9B%86/2008-03/1590996636972/%E8%A1%97%E9%81%93%E5%B0%8F%E5%BA%97%E7%9A%84%E6%87%B7%E5%BF%B5%E3%80%80%EF%BC%88%E5%B0%8F%20%E6%80%9D%EF%BC%89
Title: 街道小店的懷念（小思）

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%B0%88%E9%A1%8C%EF%BC%8E%E7%89%B9%E8%BC%AF/2020-03/1590997454553/%E7%89%B9%E8%BC%AF%EF%BC%9A%E7%B6%A0%E9%A8%8E%E5%A3%AB%E6%8A%97%E7%96%AB%E7%9F%AD%E8%A9%A9%E5%9C%96
Title: 特輯：綠騎士抗疫短詩圖

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E5%B0%88%E9%A1%8C%EF%BC%8E%E7%89%B9%E8%BC%AF/2016-11/1590997771940/%E7%B7%A8%E8%80%85%E7%9A%84%E8%A9%B1
Title: 編者的話

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/article/details/%E8%AA%9E%E6%96%87%EF%BC%8E%E6%9B%B8%E8%A9%B1/2019-02/1590997565891/%E3%80%8CPotluck%E3%80%8D%E2%94%80%E2%94%80%E9%8D%8B%E7%9A%84%E9%81%8B%E6%B0%A3%EF%BC%9F%EF%BC%88%E5%90%B3%E5%AF%8C%E5%BC%B7%EF%BC%89
Title: 「Potluck」──鍋的運氣？（吳富強）

Search URL Search Domain Scan URL

URL: http://www.mingpao.com/

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/static/summary
Title: 明月簡介

Search URL Search Domain Scan URL

URL: https://bbbb.airnasusa.cf/static/mpmandme
Title: 《明月》與我

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140

https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1729081748834 HTTP 302
https://x.bidswitch.net/sync?ssp=innity&user_id=1c917f9d8c4f4f54b4c330988592fe44

143 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ertrytj94.threeapples.workers.dev/ 95 KB
18 KB 2266ms
2214ms Document
text/html 2606:4700:3033::6815:490b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:490b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.3
Resource Hash: 4b5f92a6011fae08bf5e0c019658022462b92269bb77aa107b00fb91b74385b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate,private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d380d408ce3972d-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 16 Oct 2024 12:29:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT,-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache,no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GKAJS4cKNx4i4mUBI6hh71jQn2lE%2B5ufs%2BGQ1PBTVCIKndUrS7NOz5ldjtFj7nMwp8pA05rymDnL2t%2Bde9%2FLyuA3v%2Fp71ytxH2YMpTuB3meJRGE7RnWEd5QxW6z2h%2BoWRbo4psOU633%2FxPA9Yxk8C3NO0vRz%2FEKm7aOn30h2UkA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-powered-by: PHP/7.3.3

GET
H2 200 speculation
ertrytj94.threeapples.workers.dev/cdn-cgi/ 128 B
505 B 22ms
19ms Other
application/speculationrules+json 2606:4700:3033::6815:490b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ertrytj94.threeapples.workers.dev/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:490b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ertrytj94.threeapples.workers.dev
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5q5z9oZbdyx9%2FD7yksKmXoAppdXiOltRjRuSVKwH3KGi3wQAcLjvcmjclJErENveQ5WG3QCT7iOQR5mXf%2B%2Fe1fMEfvwE6oDqu01OhM7JBJVayGHzgNXsBOhg6hASao6MVYxApoRpZVbB8VNqgDsJvi%2FKfeKLIYVFIBzPrB81Ew%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d4e7db9972d-FRA
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Wed, 16 Oct 2024 12:29:00 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.min.css
bbbb.airnasusa.cf/static/css/ 118 KB
21 KB 1663ms
1352ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/css/bootstrap.min.css
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96344083f9b3ae5b3316d0e6963e519beade434c6e52977191222ee4ff9ce678

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"d3b8e981413ed61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVgCMkGANj95ZrQDPe9XcaWmRWdbde0s%2FR5nop1LH0QSPvbrsCVpavwN4QigeX7TgoqyvYIsglUiQmzyEWSqkwNS%2B8oQpPqLcxKSzQVG9lNr8nI%2FQMpy6O1icN0WbFPgp%2FZeBvKNkRfoJc6BU0tsqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e779f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: text/css
last-modified: Tue, 09 Jun 2020 09:36:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 font-awesome.min.css
bbbb.airnasusa.cf/static/css/font-awesome/css/ 30 KB
7 KB 1509ms
1199ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/css/font-awesome/css/font-awesome.min.css?v=4.7.0
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"80c67eed9330d21:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWC6cT0nx4VXj257N0ga1bba25XBB2A%2BDjEy%2F9IyAesPquHFegWPjtLWIZt7R761avtdABZ%2BsEKx6HFu%2FvMVJgkJIZmJcITsoOlJ6SfggMjP9NxmvHEJV34zLAVLuilmzoBpNVwcaczdTnVkB93wqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e7e9f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2016 20:51:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.mcustomscrollbar.css
bbbb.airnasusa.cf/static/css/ 15 KB
3 KB 1325ms
1014ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/css/jquery.mcustomscrollbar.css
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a937efd6f5160381fbf28854650a57f30fe43a2edfbaca9c05deba25cc3156b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"b9495e5bb2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnznIjdHGkKAxUNdPY7zEmRxiNrmxVaY73mIZcTS%2B5vbZZB9xUAyB9nmOIrHKhXh%2B7IJ71GV%2FWtKzwJjoKTVanqXBfZjnEW7A8MlhluU0FevO%2FnizLg3afj129OVBKP3xx0xxoQxeSL4YZ4CIAmrYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e6f9f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: text/css
last-modified: Tue, 10 Mar 2020 08:03:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 main.css
bbbb.airnasusa.cf/static/css/ 57 KB
12 KB 1694ms
1383ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2287070089dd8219d7c57bde79bc7b6f9d5e6ac3c5d17de01b77087c4deba294

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"05e8a9a63b5da1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7pzxaNXFm3d1Md0%2FAcKNKAjkW%2F7PC0wVgUXgAuZk9Kbd%2FfRrlxDB6K8bEx%2BJYIgFqEQ76AIEV5rKc3BhqCG18m4i%2BHpQN%2F03dIe3s76IyMd9sEJyjABiTYKrZrxavp550fNe6%2Bp2cQLJ5ztWPFYRFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e6d9f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: text/css
last-modified: Mon, 03 Jun 2024 03:10:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.min.js Show response
bbbb.airnasusa.cf/static/js/ 94 KB
35 KB 1705ms
1394ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/jquery.min.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"9730d35fb2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3x0UrWn5YAunYP8fMIZ4a0D9ajydy8ObFsVHhhMg2QUmmCYidDE6cFgof9aHKF%2F9LJdH9ezEh%2FVDSBevRa8q8J5iUZr5sqBHIdfhU72bZjlkKJB93CYpS47uoIDpWYVKjE0QZF3%2B8bENZZT8Wb4Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e8c9f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/javascript
last-modified: Tue, 10 Mar 2020 08:03:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.min.js Show response
bbbb.airnasusa.cf/static/js/ 36 KB
11 KB 1607ms
1296ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/bootstrap.min.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"2798085b2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBvpU6qt2qndOlRpHbU39VPb7RWfTURvL2kdjtq1ym3aPEtwpi93e1AzebRH6GuwpNMnraWg0ElHkHYps2catih9wC%2BpfcI3J%2BT17hlC5tL%2F3foKr3maDAh%2BGrKuYQ4VdgKoeu5tQ98ehAsS3C1uUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e829f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/javascript
last-modified: Tue, 10 Mar 2020 08:04:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 j_autoflow.1.1.js Show response
bbbb.airnasusa.cf/static/js/ 3 KB
1 KB 1072ms
761ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/j_autoflow.1.1.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61576c8cea1c331ab39fbe1aba96c3c77f4b93caaa8441c4833d20114cd746f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"46d3959bf03d61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLnQ7Jtw9i4AnbFriq6dl%2Bqw%2B3vDupAVxPKVUIolci66akiLwKgj9xqtaI%2BNa6XS2rsm%2FSMyt%2Fi%2FVDe8bar8qvQoELB64efNg6CPzdcyNslJnQriUEHzD4SVPXzVA3xFU4fMnp%2BOwaIfkmiiaFTNpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e869f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: application/javascript
last-modified: Fri, 27 Mar 2020 04:31:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 scrollbar.min.js Show response
bbbb.airnasusa.cf/static/js/ 25 KB
7 KB 1489ms
1179ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/scrollbar.min.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db06dcfa0112b05cef7abd20fadc5baf632a316515f07cfd4fceb436c8a0cb1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"3a7838bb2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qt3wqFz0lVAvZz2iirADuVMfla%2B%2FVeuVVR1TynFF%2FCsXbeRMjy9NcsrWKxtjHIqFDKZAY3bCm6vuBpqjcARy99G6%2B9gqqiMliPhozDKlccM47Pq5AlKxS1s2%2FSUYaXUkXOV%2Fxbpa3lHqxK0x8qlSjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e859f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/javascript
last-modified: Tue, 10 Mar 2020 08:04:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 common.js Show response
bbbb.airnasusa.cf/static/js/ 2 KB
1 KB 1098ms
787ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/common.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a011b30df905e9a2368facf8900cc7499750a3a44df79e477a59cf35f2149996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"8ddc1fe02b49d61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXocMoebnVOsFnr6A56BcxvFjrTthMoKCU0UCKzGHXtauYGg5M51%2F6h4iKqkhusH7les09WVhKGz1zf3hcNSuqr%2BxRWO7OKCjFtX%2BNt8VbSvQ3hDgPlbyO680FGv6C0ltptzDEsjpsnQydCgQJrz%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e8b9f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: application/javascript
last-modified: Tue, 23 Jun 2020 06:59:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 api.js Show response
bbbb.airnasusa.cf/static/js/ 912 B
934 B 1071ms
761ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/api.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4d049994d611c9ec103647ac7a9e201be9fe687bfbe646f1aa0217bfb30813

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"e3c9718787c5d71:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SU7CXCJjlXre7kQEKKU0qr7Ezlb6W8ITJvJeLO6Wxc%2BmF%2FJ3p2TBahv6bET33s9%2FUWK4zklxJCvtG3gTeLs6OZUbNKFuZObvm1pFbH1AqbvB6XD7wMkLSHBvrfc4jeuEZ9ebcUE7eFifI%2BdawJking%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e7f9f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 07:53:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 design.css
bbbb.airnasusa.cf/static/css/ 948 B
794 B 1065ms
755ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/css/design.css
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095c80bd8faf58bdabea00d7078dbc53555d9259c4e59057f7e3e057f8cc5174

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"aeb2ffb311f9d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBV9BvVBK6Cz9II8rxD%2FEpFQBbNxZih4vXVNrtafpLXwZJC9%2BV0sWmliM7TTZ0qRURf2r%2BSpvAVQPKNRIflbr%2BLqhSPFiEMXy2b99qUt4Jha%2B4TrtzqWTomTS%2B4pzWDJ%2FPt4jUoA74NOrn91bC2olQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e709f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: text/css
last-modified: Fri, 13 Mar 2020 08:30:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 all.css
bbbb.airnasusa.cf/static/css/ 68 KB
13 KB 1677ms
1367ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/css/all.css
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab0b0752d39ebc070486d884cfe4328e9543dd6aa7d00cf03a31a35f5606961

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"deb8c45115f8d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uV5BjR9J%2BaxA13haq17vTOJ1LoPV5MNs4uTyw8L%2BeG2EVQmdouRHOwuuG%2F6Ul6ac1DD%2Bub%2FRXX5L1j950AifVK873J3YguQEXStoHC7b4F99kVnA6a3blu63Y88AvMfJLCcQ7N70uJFH%2BjvjxWHakQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e769f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 02:24:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 cookieconsent.min.css
bbbb.airnasusa.cf/static/css/ 5 KB
2 KB 1085ms
775ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/css/cookieconsent.min.css
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"3d7845cb2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKHRUNz9vM0EDFsutJwEhKvyPEDRoGuUY4eoesYdA0OeKzWVcbATo7HFjkIFYdFr6U1FUNOCG%2BEIFIuvZ4xsIrqne1L4gvhiyyydx%2FCVq%2F0J%2BOZG%2FOHjLERh7gM%2BuHpUqNHPCTF64xDg6LOU142ztA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e719f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: text/css
last-modified: Tue, 10 Mar 2020 08:03:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.fancybox.css
bbbb.airnasusa.cf/static/js/fancybox/ 5 KB
2 KB 1068ms
758ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/fancybox/jquery.fancybox.css
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"0c0edddf840d41:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eguIMIgJ9L%2FG34HhiA2w6CUOg4E%2BvoGd8H3Tpsdl55gdPJN%2Bv5Sl%2FYVovu%2B21f8r5ye9XeJGzQfqAMmJ7hmmqG%2B%2Fmh0%2FsHyP3MBZ99uY1NZZ3DqW4CGw7ID4Un0aJCAE5T0AotNOMCD%2B3d9jWmSGhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e739f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: text/css
last-modified: Fri, 31 Aug 2018 07:04:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.fancybox-buttons.css
bbbb.airnasusa.cf/static/js/fancybox/helpers/ 2 KB
1 KB 1123ms
813ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/fancybox/helpers/jquery.fancybox-buttons.css
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae270bcb50f2d50d85d66e5fa909ad765d6a899b387bb6508d3d3e94bad43ec1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"0c0edddf840d41:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDA9VnSrrqEtka%2FzBZXvfI4LI3Ss0TcGJLjPXqTGiqikn1WOh0H%2FXbJ3Bnj2PsIDchn76FrvaCJYJPLlKtnbYjoNf3rxkhiGAhcJ%2FyWnakKNT763qSXWDtuS6cZS37%2BvRtqx3VKyEg2EvQvpqY3iaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d505e729f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: text/css
last-modified: Fri, 31 Aug 2018 07:04:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.fancybox.js Show response
bbbb.airnasusa.cf/static/js/fancybox/ 50 KB
16 KB 1818ms
1508ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/fancybox/jquery.fancybox.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0ef88e8ded0c3ea6f5b6369c6ed124da8041ab4a4ae1ca8926facf9a84c87b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"0c0edddf840d41:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gC7mvFxXcWDVbAx7EZ6mJFtqYzbklmJqnkwILtkBqJ%2BeUwrFE9TJze%2BDxK3XgUo0Y9fI9kkMnfyq2IOlEa2RAaKJGnyO1HPkfI3WfFEkQhC2a4TKrK1P3IsMIfkeoDnzqCMhBqyezBct%2Btuc8Y3PPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e809f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/javascript
last-modified: Fri, 31 Aug 2018 07:04:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.fancybox-buttons.js Show response
bbbb.airnasusa.cf/static/js/fancybox/helpers/ 3 KB
2 KB 1055ms
746ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/fancybox/helpers/jquery.fancybox-buttons.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d63b8ad7966c80ce51051da38da14f52b99cfb019aec650b2437fc74fac1560

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"0c0edddf840d41:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BdpcdHAfSpmAQHOFV7s%2BXT%2B5e3zGTA3Ar5IB03iGupYhibxiWtP86z5qdHj2WOoCZL7YbzoNcDiR%2FBrilW9Y3O3gHOT%2FckvZRO9yOzPyp6gFPTE3u0iTYFnpp8qNibwNWUxUtce%2BjJQpziChhWS7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e889f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: application/javascript
last-modified: Fri, 31 Aug 2018 07:04:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 500
Internal Server Error addthis_widget.js
s7.addthis.com/js/300/ 0
0 315ms
14ms Script
text/html 2.19.225.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.225.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-225-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 16 Oct 2024 12:29:00 GMT
Content-Length: 27
Date: Wed, 16 Oct 2024 12:29:00 GMT
AK-GRN: 0.1cd53e17.1729081740.1a1228b8
Content-Type: text/html

GET
H2 200 mpmadvert.js Show response
bbbb.airnasusa.cf/js/ 22 KB
5 KB 1511ms
1202ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/js/mpmadvert.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063691ce734d5091d648d33cf796fcbbb226685ff0aef818fa7a9e2d869c0016

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"2053deafa38bd81:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bS0iCxzlFO3Flu3%2BnWy4m9CA5uheMelqN85W%2FTk0%2FUYTZVc3O1Gw89sXh82WTV4lK6jkn55U8bBsImmPNg7QRud0jsM8iYpUW4mToW2eyunbwRIfuuMi75%2BrZdEompHW61LblvQc0jJEE1qrjAfP3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e899f12-FRA
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/javascript
last-modified: Wed, 29 Jun 2022 10:33:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 135ms
56ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4717822-61

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7a9b7c0c58029732ea3cf41cf2daf57ac122e2af2d76597225cd9061d488e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 12:29:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80357
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 35ms
9ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

d15c3163acc1e2ae7deffd9061e89913d5553912b0ddb32183e680dec6e15dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ertrytj94.threeapples.workers.dev
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-md5: VzsTedFx7OmNaQKPvaOvbA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "ae3575d47ca7596273a65bc02e275eec"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 12:30:04 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: c07f0825f67aec502db12b20610e0bff
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: ljv9BjPXSzL9sc7I6IXppPYVqbls8MIkuhcD861Zl8qLm83k7RYLp1eR0bA+gZpYOCsNKi+98XurimnsOc7M5Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 1687
origin-agent-cluster: ?1

GET
H2 200 logo_8.png
bbbb.airnasusa.cf/static/images/ 81 KB
81 KB 1392ms
1391ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/logo_8.png
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8534368733743a14a503307079a03d921c33943441346ffe2a83d2b1cba34e27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "0586484a9f7d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHTFRb8KBcfg2kTffzjMZzUmg2%2FcwZmh6V09iNVzB3iyCEFupxN8D8%2FePez7vxN9HEosiL8BZx7mHzpfw5okCHed9WxARnFF4anTIDO8wGHbuLEMk3ljOxYJSiIaPBk3LrceD27YbvWTV32%2BkDxFqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d506e8e9f12-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 82871
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/png
last-modified: Wed, 11 Mar 2020 13:32:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 8a47a88eaf0317d6070794800093c6fd.jpg
fs.mingpao.com/mpm/settings/s00027/ 31 KB
32 KB 1000ms
426ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00027/8a47a88eaf0317d6070794800093c6fd.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 35da838272760682e73dbaba7976a429642bbe614de0cd007658c3f787bb52a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "b7e9aabeb12db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:150247490
date: Wed, 16 Oct 2024 12:29:01 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 03:44:25 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache5.l2de3[403,404,304-0,H], ens-cache18.l2de3[405,0], ens-cache5.de5[409,408,200-0,H], ens-cache8.de5[415,0]
ali-swift-global-savetime: 1729081741
x-swift-savetime: Wed, 16 Oct 2024 12:29:01 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817411178351e
content-length: 31992
server: Tengine

GET
H3 200 slider-cover.png
ertrytj94.threeapples.workers.dev/static/images/ 3 KB
4 KB 797ms
797ms Image
image/png 172.67.136.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertrytj94.threeapples.workers.dev/static/images/slider-cover.png
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dcef37cb13cff08822faed98d717a86e8df2364b33a4347695dd3502b5d4ff7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "3ebb283c3cf8d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WMKt0WF2Rc%2Fqn6F%2FnB%2BhUVGgM5daqmzwmQWWia%2B%2BLLeJ7V3%2FElompxvii19Mxo8zGzDgG4gXz8%2FzLs%2BPk05mFCj%2FYbzD50EFblWsKmYG1b8oO3aMzJAMtv8Sw6lmYDYLcvi08VouBL4r2AoPVn%2BNpX9hpe4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d54bd4c9a1b-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 3152
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/png
last-modified: Thu, 12 Mar 2020 07:02:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 8a4f8935f947c3555b0a132dd5c40278.jpg
fs.mingpao.com/mpm/settings/s00027/ 34 KB
34 KB 243ms
243ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00027/8a4f8935f947c3555b0a132dd5c40278.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 04c1b90950265ad54d86b0dd6bb85c464d13da561588c69de086d202a33b0b55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "6a1b5b2aeb12db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:384037533
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 03:45:17 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache10.l2de3[181,184,304-0,H], ens-cache16.l2de3[197,0], ens-cache8.de5[199,200,200-0,H], ens-cache8.de5[210,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817423467627e
content-length: 34547
server: Tengine

GET
H2 200 8a5761faf01d4de91a5d3f9f4f5f0544.jpg
fs.mingpao.com/mpm/settings/s00027/ 63 KB
63 KB 450ms
443ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00027/8a5761faf01d4de91a5d3f9f4f5f0544.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: debb16ba6256a783021016187fde0d3245f5e0c986a398aedc02ce4df5cc4055

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "a223c048eb12db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:594446337
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 03:46:08 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache5.l2de3[396,396,304-0,H], ens-cache5.l2de3[399,0], ens-cache1.de5[406,405,200-0,H], ens-cache8.de5[421,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028575e
content-length: 64386
server: Tengine

GET
H2 200 8a5fa513ee6d4519180f3e40e3eeedf2.jpg
fs.mingpao.com/mpm/settings/s00027/ 37 KB
37 KB 420ms
413ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00027/8a5fa513ee6d4519180f3e40e3eeedf2.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 550b73e0c0aec915a041325949acdb92f807c636fd8554e00346fff5a3c51b18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "fc5b2a69eb12db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:158237027
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 03:47:02 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache18.l2de3[368,367,304-0,H], ens-cache11.l2de3[370,0], ens-cache5.de5[373,373,200-0,H], ens-cache8.de5[404,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028587e
content-length: 38043
server: Tengine

GET
H2 200 924320d4db28fb2f2bbd754be42d95d2.jpg
fs.mingpao.com/mpm/settings/s00036/ 13 KB
13 KB 487ms
480ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00036/924320d4db28fb2f2bbd754be42d95d2.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 5a5176d831bcbcb91dbaa56013bbaa0e727420391705b5df454907e0694365bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "32ab7542a13db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:336341973
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 07:27:52 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache11.l2de3[370,443,304-0,H], ens-cache10.l2de3[445,0], ens-cache13.de5[447,448,200-0,H], ens-cache8.de5[461,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028605e
content-length: 13116
server: Tengine

GET
H2 200 50d8f17adab77e113f4b0ed6b8b28127.jpg
fs.mingpao.com/mpm/settings/s00037/ 168 KB
169 KB 457ms
451ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00037/50d8f17adab77e113f4b0ed6b8b28127.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 1896028deda7561bb8447c54d86adc7af92538133a1710e483a236ff9e2873d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "9af092b33aadb1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:594450389
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 02:21:57 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache18.l2de3[374,385,304-0,H], ens-cache15.l2de3[387,0], ens-cache1.de5[401,419,200-0,H], ens-cache8.de5[440,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028613e
content-length: 172500
server: Tengine

GET
H3 200 p001.jpg
bbbb.airnasusa.cf/emag/book/2024-10/T1/ 440 KB
441 KB 2336ms
2330ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/emag/book/2024-10/T1/p001.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec1716e17f07c7f5e72bfeb9f14aec816ff474824dbf366999096004b13e47d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "efa3c677f11db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYrTMeyaPXQd3ctVotzhLaYjZLQsee4sIGdyQV8M7SKmVZ6bhS4Il%2F4iNBFtquz3%2BL4rWkvHNLudanUQNNxCfzHcMrKhlK6CXvWKQShEaOhB%2F8p0wNPINSFnCavyhkUcwrjB1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bab6fa8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 451067
date: Wed, 16 Oct 2024 12:29:04 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 19:00:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fb22a5729f3f38cb1e6ec069605c4bc4.jpg
fs.mingpao.com/mpm/settings/s00032/ 76 KB
77 KB 493ms
487ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00032/fb22a5729f3f38cb1e6ec069605c4bc4.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 92dd15ecb41ce8e723ab01b7f3f2ca9c684073f77a7e4cde8b122eb32698f0e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "f8e38333cead61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:418010278
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Thu, 14 Jan 2021 06:12:13 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache3.l2de3[388,420,304-0,H], ens-cache11.l2de3[455,0], ens-cache3.de5[457,457,200-0,H], ens-cache8.de5[474,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028621e
content-length: 78057
server: Tengine

GET
H2 200 68533e3cecc34ae735151068f5f731ff.jpg
fs.mingpao.com/mpm/settings/s00032/ 822 KB
823 KB 455ms
448ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00032/68533e3cecc34ae735151068f5f731ff.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d6ef91a8d6ce940b5973efb82b2733e43da517383416b5a9b7b3a7daba4bf3ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "f9d29f47408ad61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:5:191944450
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Mon, 14 Sep 2020 02:39:33 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache10.l2de3[369,392,304-0,H], ens-cache1.l2de3[394,0], ens-cache3.de5[399,419,200-0,H], ens-cache8.de5[436,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028635e
content-length: 841753
server: Tengine

GET
H2 200 e8dc9471ab5d7eda8de58134b4b2d21c.jpg
fs.mingpao.com/mpm/settings/s00032/ 32 KB
32 KB 485ms
479ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00032/e8dc9471ab5d7eda8de58134b4b2d21c.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2b2df6ea1708e36840f554d26080cd87efc24ed9b9ee7b0b8446d7c49a48736e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "f891ec5cc49d61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:10:929295943
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jun 2020 02:11:28 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache18.l2de3[371,382,304-0,H], ens-cache9.l2de3[384,0], ens-cache3.de5[391,441,200-0,H], ens-cache8.de5[461,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028641e
content-length: 32523
server: Tengine

GET
H2 200 76d312afcf2651a26fe856e87b5f6d4d.jpg
fs.mingpao.com/mpm/settings/s00032/ 12 KB
12 KB 452ms
446ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00032/76d312afcf2651a26fe856e87b5f6d4d.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 9a762ccbec72f15f2ae7e1a1e615aded4c3f6ef4a497d1206e569c74e6f395d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "7fd03f257add81:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:258453833
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 07:50:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache5.l2de3[361,391,304-0,H], ens-cache3.l2de3[393,0], ens-cache6.de5[400,400,200-0,H], ens-cache8.de5[425,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425028647e
content-length: 12141
server: Tengine

GET
H3 200 mpc_logo.png
bbbb.airnasusa.cf/static/images/ 60 KB
61 KB 2161ms
2156ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/mpc_logo.png
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d1862b8191d2d7d3ddc5fb935211b8316203028f50fa865aa8230de6e6566ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "0586484a9f7d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCBKu49baQeoFqWjErcBBuNrR9K7wDrmDsqPAA%2BGtXut2IdMuMsIu12r7vqqohVO93G5kO6TUTWR9nNVGcm1kr6TgreXL0FPhaxLnp7WjOZs9wisb5vGQYdQSGBTWlfkOzeF%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bab77a8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 61845
date: Wed, 16 Oct 2024 12:29:04 GMT
content-type: image/png
last-modified: Wed, 11 Mar 2020 13:32:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 banner_l6.gif
bbbb.airnasusa.cf/static/images/ 5 KB
5 KB 1805ms
1800ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/banner_l6.gif
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1c8692c13b885eaba7c46ad68373a48f380f20752e6efa6fd3adf95edf5c966

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "0586484a9f7d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eOH8NIvCWpCpcsDUI0u37KO%2FvrImDMuyBnNz%2FaGDOmpA0G%2FLarAz%2FhWMf6me2yV9mjmAuATJiOSI6%2Fw8LxbV%2BFmIJFqGc3w3PpM%2F1yI9U%2BgRK1atvxsIdRQPp2mcItAdlI3xug%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bab7aa8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 5122
date: Wed, 16 Oct 2024 12:29:04 GMT
content-type: image/gif
last-modified: Wed, 11 Mar 2020 13:32:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 banner_l7.gif
bbbb.airnasusa.cf/static/images/ 4 KB
5 KB 1625ms
1619ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/banner_l7.gif
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf5b513d25fbb70aa4bdbb26e3ebc1015feb8d2ac362e114b19fb0beb5f4cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "0586484a9f7d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ce2mj0g409qqeOomAHdMZesey0UWcwPFQcaRwlktDD9ynpABPVpN4MOod9pjf30Od97pLIuJRDRqyAMjIo75VazD%2BSuUiYwEMImsYp7K4LnTLhz1Fio7T7Np8bfNMVPCGcJqPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bab7da8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 4479
date: Wed, 16 Oct 2024 12:29:04 GMT
content-type: image/gif
last-modified: Wed, 11 Mar 2020 13:32:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 banner_l5.gif
bbbb.airnasusa.cf/static/images/ 2 KB
2 KB 1529ms
1523ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/banner_l5.gif
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d65836e1d589fb9580a78e1782d4dadc8b53a57835a170b105ad079dff551127

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "0586484a9f7d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omHD2ukRbDRFCTnsfCgejAfDsF%2BDGxy0XTSTwArVCTg8GBLbZ3xCrFmZs0BsNeA0ya6DGwpE%2BcF%2Bqtx7J%2BFXNqKbJFrJsx03UWww9%2FLfFzACc%2F17botd2HRO6%2BU01KF5ti5law%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bab80a8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 2000
date: Wed, 16 Oct 2024 12:29:03 GMT
content-type: image/gif
last-modified: Wed, 11 Mar 2020 13:32:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 cookieconsent.min.js Show response
bbbb.airnasusa.cf/static/js/ 20 KB
7 KB 1910ms
1910ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/js/cookieconsent.min.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"3fed8e77b2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xe4EAT7TkaQNKTpppvl3qiL6UuMRxOpalh8pqyJvOm105FHA%2B7f2%2B6lpmkYaJuE5BWc9FtFItTUda38IlVfvlUgtLWUrUDw9XrG2CnWl3lcMMv90fcNKn7XJ5EVQqLQzjo6thw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5b8b39a8f8-SIN
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 12:29:04 GMT
content-type: application/javascript
last-modified: Tue, 10 Mar 2020 08:04:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 recaptcha__zh_tw.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ 0
0 528ms
479ms Script
text/html 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__zh_tw.js

Requested by

Host: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ertrytj94.threeapples.workers.dev
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624
date: Wed, 16 Oct 2024 12:29:03 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
33 KB 127ms
53ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/js/mpmadvert.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

6b5f30162badf939fb69e8aa57726759e3cebca6325beac34579445eb27690d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 485 / 20012 / 31088109 / config-hash: 7897950293940484989
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 12:29:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33321
x-xss-protection: 0
server: cafe

GET
H3 200 icon_slider_left.png
bbbb.airnasusa.cf/static/images/ 1 KB
2 KB 2074ms
2072ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/icon_slider_left.png
Requested by: Host: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733664ac0168d9b8001dee6bdf2a0f5e0e6ea951c57ba5159d808f6cad51f872

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "2e27fc87b2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqJhn%2Fh4nd0IAbTDrJMvn7i%2B5TfE%2BBSepXs7MDE%2FAHkhImpI9tm02givvs%2BGrCxGUDc3z2w05Gze4foqU4nA%2FIgQ%2BYLcshh%2Bkt00EHSHnqXFV4%2FAKa4MjXPAab5aqtif6motzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bbba9a8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 1153
date: Wed, 16 Oct 2024 12:29:04 GMT
content-type: image/png
last-modified: Tue, 10 Mar 2020 08:04:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon_slider_right.png
bbbb.airnasusa.cf/static/images/ 1 KB
2 KB 1502ms
1500ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/icon_slider_right.png
Requested by: Host: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b29a89dccd63c5a9c8363bb6e44f9a164ea59a95539be11c783a6fbab35ab15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "2d1ca08bb2f6d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6FF3MLRMnbWCH1HDud50O7oU8zTE6c9WZwrBFozUmy1uuGmtsVKxjX7LeJyYaP1%2B1P5ekidi6x6RkINi0MUeZD8ehjhLeASIqdz5chx6uH436Q9FK256y0526c6bdOu7Uay5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bbbb0a8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 1136
date: Wed, 16 Oct 2024 12:29:03 GMT
content-type: image/png
last-modified: Tue, 10 Mar 2020 08:04:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 btn-bg.png
bbbb.airnasusa.cf/static/images/ 1 KB
2 KB 1509ms
1507ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/btn-bg.png
Requested by: Host: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcdf3bf4f8a89be20d6875229258e61cd9c3a510e694756ebec98d5d90bfce33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "bebebfae69f7d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MphiewkavRuJUcTaI7iBQXyvbUXCDetb%2BmFBJhdCKSKQp1Nj3Ze2uz2jmwDKZUN6xSE1w8i%2BHE9w6XyZ3VR5upPqlmbVBg%2FbI82VKjo73kz9LF%2BTsjESyfxuUnr3cmxyD%2FXwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bbbb7a8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 1106
date: Wed, 16 Oct 2024 12:29:03 GMT
content-type: image/png
last-modified: Wed, 11 Mar 2020 05:55:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 891779fca4272f4118f8b042abb5f4f5.jpg
fs.mingpao.com/mpm/2024-10/s00007/ 52 KB
52 KB 520ms
516ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00007/891779fca4272f4118f8b042abb5f4f5.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ea427e862da0f0789701c4331b0b84e73c4c6f635e27493b760e24c138821711

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "5b765468e612db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:821171649
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 03:11:13 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache12.l2de3[369,432,304-0,H], ens-cache6.l2de3[440,0], ens-cache1.de5[446,447,200-0,H], ens-cache8.de5[496,0]
ali-swift-global-savetime: 1729081743
x-swift-savetime: Wed, 16 Oct 2024 12:29:03 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258745e
content-length: 53161
server: Tengine

GET
H2 200 ef8d88e0e6d299c78390ab9bac9ec716.jpg
fs.mingpao.com/mpm/2024-10/s00010/ 19 KB
19 KB 316ms
312ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00010/ef8d88e0e6d299c78390ab9bac9ec716.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d642e58114bbcf48f1bb72d671c8a0e01ecb7e10f62568e909a9f7805f310286

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "787b88a18e10db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:821171253
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 03:37:51 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache5.l2de3[189,190,304-0,H], ens-cache6.l2de3[208,0], ens-cache1.de5[227,227,200-0,H], ens-cache8.de5[288,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258757e
content-length: 19109
server: Tengine

GET
H2 200 f39088bc073e197bac64e5053a7a2867.jpg
fs.mingpao.com/mpm/settings/s00022/ 29 KB
30 KB 422ms
419ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00022/f39088bc073e197bac64e5053a7a2867.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 4d59cdc5274b65d3e962d266f7d46f92573fa05247a7b3a1b3d33e0da09afa91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "5bb4e393f649d61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:272509293
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jun 2020 07:10:44 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache9.l2de3[368,367,304-0,H], ens-cache2.l2de3[370,0], ens-cache10.de5[375,374,200-0,H], ens-cache8.de5[390,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258760e
content-length: 30116
server: Tengine

GET
H2 200 4ca40559d7ec695edb4746bad3e37758.jpg
fs.mingpao.com/mpm/settings/s00021/ 5 KB
5 KB 437ms
434ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00021/4ca40559d7ec695edb4746bad3e37758.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 80184c6a9d841c3254584df094aa329e08119d92f61953bf799bb76ee3aea56f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "8365234f6ac4d61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:31670509
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Nov 2020 03:06:32 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache2.l2de3[376,384,304-0,H], ens-cache10.l2de3[388,0], ens-cache6.de5[391,391,200-0,H], ens-cache8.de5[407,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258764e
content-length: 5189
server: Tengine

GET
H2 200 9580a5cebbc2281db7bfc66c0e0ec7cf.jpg
fs.mingpao.com/mpm/settings/s00021/ 148 KB
148 KB 425ms
422ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00021/9580a5cebbc2281db7bfc66c0e0ec7cf.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 3ab832b2c04011c34e585322a9839916ba12fb62306fc1b1512c23ec2cb6f42d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "67fa7e2f5750d61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:158236711
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Thu, 02 Jul 2020 09:57:24 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache6.l2de3[368,369,304-0,H], ens-cache11.l2de3[372,0], ens-cache5.de5[374,375,200-0,H], ens-cache8.de5[390,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258770e
content-length: 151223
server: Tengine

GET
H2 200 ac402a19e3169f2b3922d69126aaa7d1.jpg
fs.mingpao.com/mpm/settings/s00026/ 90 KB
90 KB 424ms
420ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00026/ac402a19e3169f2b3922d69126aaa7d1.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6d499f80c5b9c5c716e7773fed830f2f95dc7f65b29a4bc15a5b6d89a9f2e2cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "7ce532c96faed61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:368199998
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 30 Oct 2020 03:50:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache3.l2de3[367,367,304-0,H], ens-cache15.l2de3[369,0], ens-cache8.de5[371,372,200-0,H], ens-cache8.de5[390,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258774e
content-length: 91664
server: Tengine

GET
H2 200 03539ac6c294c306a9560c7cf40911d1.jpg
fs.mingpao.com/mpm/settings/s00023/ 49 KB
49 KB 471ms
468ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00023/03539ac6c294c306a9560c7cf40911d1.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d3c1e68fc4bc2a76968b26980639f945779b2650051a5ae5e0c05b68e00bec00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "63f11cd9538cd81:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:527516150
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Thu, 30 Jun 2022 07:34:36 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache12.l2de3[366,378,304-0,H], ens-cache5.l2de3[386,0], ens-cache5.de5[389,390,200-0,H], ens-cache8.de5[443,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258780e
content-length: 49979
server: Tengine

GET
H2 200 f39d9561fdacf44e385d5dd938e524de.jpg
fs.mingpao.com/mpm/settings/s00022/ 28 KB
28 KB 539ms
536ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00022/f39d9561fdacf44e385d5dd938e524de.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 0b930122af2e00b5c9ff7e97ef6c6f41d01cb99188e1ad183e7fd7b639626039

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "44e14dc8f649d61:0"
age: 0
x-cache: MISS TCP_MISS dirn:-2:-2
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jun 2020 07:12:12 GMT
x-swift-cachetime: 3599
timing-allow-origin: *
via: ens-cache17.l2de3[370,376,200-0,H], ens-cache5.l2de3[378,0], ens-cache7.de5[427,427,200-0,M], ens-cache8.de5[518,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:03 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258789e
content-length: 28244
server: Tengine

GET
H2 200 f2b28d7bfdfdb05f3938ecc6d7640fe7.jpg
fs.mingpao.com/mpm/settings/s00021/ 32 KB
32 KB 472ms
470ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00021/f2b28d7bfdfdb05f3938ecc6d7640fe7.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 337902de2cc98c8dff8b07c398a7c33c4b4c34748e65b358a9bf873153d505a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "a335372ff349d61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:384036955
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jun 2020 06:46:27 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache8.l2de3[374,389,304-0,H], ens-cache8.l2de3[390,0], ens-cache8.de5[393,393,200-0,H], ens-cache8.de5[446,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258797e
content-length: 32709
server: Tengine

GET
H2 200 f49d2f82e12bb52bd3613661e6498fd4.jpg
fs.mingpao.com/mpm/settings/s00023/ 42 KB
43 KB 486ms
483ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00023/f49d2f82e12bb52bd3613661e6498fd4.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: c859be96de616000f8674c4957e7a5dd019251185209713651c6d9af7b909a6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "77af79acfa49d61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:821170972
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jun 2020 07:40:03 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache11.l2de3[377,378,304-0,H], ens-cache5.l2de3[380,0], ens-cache1.de5[384,397,200-0,H], ens-cache8.de5[463,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258803e
content-length: 43463
server: Tengine

GET
H2 200 f4761c3c01633efd5b4e9f386de5d56c.jpg
fs.mingpao.com/mpm/settings/s00023/ 25 KB
26 KB 527ms
524ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00023/f4761c3c01633efd5b4e9f386de5d56c.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6719dd6012b88079db333c12a5836e5d4bccdb12ed6f348088a2be0051d99ef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "ce55fc14fa49d61:0"
age: 1
x-cache: HIT TCP_REFRESH_HIT dirn:1:850152880
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jun 2020 07:35:49 GMT
x-swift-cachetime: 3599
timing-allow-origin: *
via: ens-cache17.l2de3[383,383,304-0,H], ens-cache18.l2de3[413,0], ens-cache4.de5[429,483,200-0,H], ens-cache8.de5[504,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:03 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258808e
content-length: 25874
server: Tengine

GET
H2 200 f3eefe32e183d5a35fe8d8844624578c.jpg
fs.mingpao.com/mpm/settings/s00025/ 4 KB
5 KB 464ms
461ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/settings/s00025/f3eefe32e183d5a35fe8d8844624578c.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: bbbd4edd726d7a69067f4e434f37570c057a43a172ecbc02e3757088c613208b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "4944433f849d61:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:359637709
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jun 2020 07:21:00 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache14.l2de3[373,374,304-0,H], ens-cache3.l2de3[375,0], ens-cache8.de5[377,376,200-0,H], ens-cache8.de5[430,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258817e
content-length: 4565
server: Tengine

GET
H2 200 f811541de11eea856e02a55b4dfd2b61.jpg
fs.mingpao.com/mpm/2024-10/s00011/ 40 KB
40 KB 510ms
507ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00011/f811541de11eea856e02a55b4dfd2b61.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6a05b5a94bcc25fdca44e9e1f5c6e92dbe9029e3966cd430d395e0562655a250

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "58e25de5af10db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:392339512
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 07:35:59 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache7.l2de3[381,399,304-0,H], ens-cache7.l2de3[431,0], ens-cache7.de5[471,454,200-0,H], ens-cache8.de5[488,0]
ali-swift-global-savetime: 1729081743
x-swift-savetime: Wed, 16 Oct 2024 12:29:03 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258825e
content-length: 40585
server: Tengine

GET
H2 200 ef25919bc1819cc5a2de6d94a7e49f9c.jpg
fs.mingpao.com/mpm/2024-10/s00012/ 29 KB
29 KB 247ms
244ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00012/ef25919bc1819cc5a2de6d94a7e49f9c.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6ce7374a73bcef01a7eac31045895ec78692497e4f596a18ccf32958f6521eb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "dbfbadb8d10db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:49794788
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 03:26:30 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache16.l2de3[185,185,304-0,H], ens-cache1.l2de3[188,0], ens-cache11.de5[190,190,200-0,H], ens-cache8.de5[223,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258830e
content-length: 29373
server: Tengine

GET
H2 200 f00faa07a628fc7b7e0a1b612e8d268d.jpg
fs.mingpao.com/mpm/2024-10/s00013/ 31 KB
31 KB 434ms
432ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00013/f00faa07a628fc7b7e0a1b612e8d268d.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 66f63f92598af33d43fea0fcda63f0413ee2817643c6a307b33ffa58359f4268

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "1c79ab9d9010db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:258076211
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 03:52:04 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache1.l2de3[364,364,304-0,H], ens-cache1.l2de3[366,0], ens-cache12.de5[368,369,200-0,H], ens-cache8.de5[398,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258833e
content-length: 31469
server: Tengine

GET
H2 200 ee674e8febc4cbb2070a3df101592cb3.jpg
fs.mingpao.com/mpm/2024-10/s00028/ 46 KB
47 KB 449ms
447ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00028/ee674e8febc4cbb2070a3df101592cb3.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 059acb78199c38759718ffe6509fee612817f9676c8beec8b82fc5f8b54bf977

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "d0502a258a10db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:3:283875332
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 03:05:45 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache14.l2de3[368,369,304-0,H], ens-cache14.l2de3[384,0], ens-cache3.de5[394,400,200-0,H], ens-cache8.de5[426,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258839e
content-length: 47610
server: Tengine

GET
H2 200 f5aa970cf9996b25806eb30f47eb9790.jpg
fs.mingpao.com/mpm/2024-10/s00029/ 30 KB
31 KB 499ms
497ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00029/f5aa970cf9996b25806eb30f47eb9790.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 96c1d938b90285cc4ac541ea35928bdbb43f1722228c267eb2c70220bd75446e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "52f49383a610db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:586078591
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 06:28:49 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache16.l2de3[359,360,304-0,H], ens-cache14.l2de3[364,0], ens-cache1.de5[395,394,200-0,H], ens-cache8.de5[475,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258846e
content-length: 31013
server: Tengine

GET
H2 200 f64df8b4a68d8ff36c6a57c76ba94560.jpg
fs.mingpao.com/mpm/2024-10/s00030/ 25 KB
25 KB 465ms
463ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00030/f64df8b4a68d8ff36c6a57c76ba94560.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: c08362ed9349936de2fd6f30501d153300f037a046ca269b80bf611728432207

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "bf7a8f1a910db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:359637699
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 06:46:39 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache5.l2de3[367,367,304-0,H], ens-cache16.l2de3[371,0], ens-cache8.de5[374,373,200-0,H], ens-cache8.de5[432,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258850e
content-length: 25206
server: Tengine

GET
H2 200 f8566462b5235cb17c15e43888b3025a.jpg
fs.mingpao.com/mpm/2024-10/s00015/ 48 KB
49 KB 308ms
307ms Image
image/jpeg 163.181.92.181
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.mingpao.com/mpm/2024-10/s00015/f8566462b5235cb17c15e43888b3025a.jpg
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.181 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 4f00f9ed283ca0b8229dcfc651fdf76145a847159ca25d18708e8a5bbe3747f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

etag: "7739af2b010db1:0"
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:150250521
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 07:43:30 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
via: ens-cache1.l2de3[184,223,304-0,H], ens-cache10.l2de3[224,0], ens-cache5.de5[227,227,200-0,H], ens-cache8.de5[285,0]
ali-swift-global-savetime: 1729081742
x-swift-savetime: Wed, 16 Oct 2024 12:29:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9c17290817425258860e
content-length: 49586
server: Tengine

GET
H3 200 search.png
bbbb.airnasusa.cf/static/images/ 1 KB
1 KB 1807ms
1806ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbbb.airnasusa.cf/static/images/search.png
Requested by: Host: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b28b5b1ff4a807ec281585c160c2fe05696e54814b02498d6c28258dccd93f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bbbb.airnasusa.cf/static/css/main.css?v=1.4

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "2e515036ef7d51:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RGIw4cm8J1QxgZPvYtTNKFU11e3AJ2cXaR52z3Jg4BK3nimbu1u%2F1Jur8hY%2BMECTtCwgCyVJAwReWfezNiO2FA4QQWZzx2FLWPZHlO3oU4lSNVSmvs0F8RgJgYKAOoNMOKznTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d5bbbbfa8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 1028
date: Wed, 16 Oct 2024 12:29:04 GMT
content-type: image/png
last-modified: Wed, 11 Mar 2020 06:26:35 GMT
vary: Accept-Encoding
server: cloudflare

GET fa-regular-400.woff2
bbbb.airnasusa.cf/static/fonts/ 0
0

GET fontawesome-webfont.woff2
bbbb.airnasusa.cf/static/css/font-awesome/fonts/ 0
0

GET fa-solid-900.woff2
bbbb.airnasusa.cf/static/fonts/ 0
0

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 283 KB
81 KB 12ms
11ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=5daa3f452fde7af74e20230d173684bd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

dc677724ba38a275256838df9edec6971af5005383f2ddfe96f37e6809e74e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ertrytj94.threeapples.workers.dev
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-md5: 2mduQ3IPWl4hmlyprCbl5Q==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "1f0358096090c8661dd62bddd5544929"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 08:29:15 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: ecb295ce71a197e0f7b71ae78a7d1e5f
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=27, mss=1232, tbw=8885, tp=16, tpl=0, uplat=1, ullat=-1
x-fb-debug: +jRR+KgNAmBvBRbBJFDT9bzqQ8nDWyeLgarK6+tQHTnwqOgEMa1zJeNZJQleFBR1KNSFVR0x+861FXEKfwA4/Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 82712
origin-agent-cluster: ?1

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/ 478 KB
148 KB 43ms
42ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

592e81b6cea7d6e226497bfa57722b8ae306281cf092d243bc96f4688c1147c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 8653127067744972146
age: 8862
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 10:01:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 10:01:20 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 151948
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 81 B
86 B 122ms
44ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ertrytj94.threeapples.workers.dev

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

f816f00cec4fb8b7ffef8a55d7ad6a407ca477b374d2c14928d63b8706e7c011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 12:29:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Wed, 16 Oct 2024 12:29:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
105 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7435193Z78&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4717822-61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13e0f4b7e063454f3fee678574e4f739e138f2779b1829418b40d973361596e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 12:29:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107668
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4717822-61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: gzip
age: 3767
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 13:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 11:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 60ms
21ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7435193Z78&gtm=45je4ae0v9103404907za200&_p=1729081742490&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101686685&cid=589779022.1729081743&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729081742&sct=1&seg=0&dl=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&dt=%E6%98%8E%E5%A0%B1%E6%9C%88%E5%88%8A&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4602
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7435193Z78&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
567 B 71ms
26ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7435193Z78&cid=589779022.1729081743&gtm=45je4ae0v9103404907za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101529666~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7435193Z78&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 12:29:02 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 127ms
74ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7435193Z78&cid=589779022.1729081743&gtm=45je4ae0v9103404907za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101529666~101686685&tag_exp=101529666~101686685&z=1108360899

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 12:29:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
432 B 43ms
43ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1105226083&t=pageview&_s=1&dl=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&ul=de-de&de=UTF-8&dt=%E6%98%8E%E5%A0%B1%E6%9C%88%E5%88%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1443227211&gjid=1341969072&cid=589779022.1729081743&tid=UA-4717822-61&_gid=1045018121.1729081743&_r=1&gtm=457e4ae0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685&jsscut=1&npa=1&z=2132809954

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 12:29:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET fa-regular-400.woff
bbbb.airnasusa.cf/static/fonts/ 0
0

GET fontawesome-webfont.woff
bbbb.airnasusa.cf/static/css/font-awesome/fonts/ 0
0

GET fa-solid-900.woff
bbbb.airnasusa.cf/static/fonts/ 0
0

GET
H2 200 page.php
www.facebook.com/v6.0/plugins/ Frame F052 0
0 267ms
223ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/page.php?adapt_container_width=true&app_id=881937541953801&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6d843fd305fefb5e%26domain%3Dertrytj94.threeapples.workers.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fertrytj94.threeapples.workers.dev%252Ffaf8305b469649e42%26relation%3Dparent.parent&container_width=300&height=130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fmingpaomonthly&locale=zh_TW&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=5daa3f452fde7af74e20230d173684bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertrytj94.threeapples.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 12:29:04 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v15.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426349544489068052"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426349544489068052", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1368, tbw=2918, tp=-1, tpl=-1, uplat=215, ullat=0
x-fb-debug: fc0axXucTeQfR9+8r76iPAwc2Vr3UEohjZo0TA+YX+png5uTHK0cGcfQj2BKsCLqBp6HijC9FcvBxfNRmKK3Og==
x-xss-protection: 0

GET fa-regular-400.ttf
bbbb.airnasusa.cf/static/fonts/ 0
0

GET fontawesome-webfont.ttf
bbbb.airnasusa.cf/static/css/font-awesome/fonts/ 0
0

GET fa-solid-900.ttf
bbbb.airnasusa.cf/static/fonts/ 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 145ms
51ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d16f0d9322648fc1172eb8208f912f20bad8ac0851c887a1c7868274d5f7dc88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12891
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 72 KB
27 KB 486ms
440ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2251526090078478&correlator=2028073175884255&eid=31079957%2C31088084%2C31088109&output=ldjh&gdfp_req=1&vrg=202410150101&ptt=17&impl=fifs&iu_parts=7101%2CMPC_GPT_Monthly%2Cfrontpage%2Ctopsb_728x90&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C728x250%7C728x150%7C996x90%7C996x250%7C970x90%7C970x150%7C970x250&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1729081747066&lmt=1729081747&adxs=581&adys=65&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&vis=1&psz=869x0&msz=728x0&fws=128&ohw=0&td=1&tan=36215903-20fe-4479-9578-e0ca85bb95c7&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729081740540&idt=2263&adks=2024665842&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e33e41ef7541fd82c2ef18d08123e02ffde629e68dce7d0b84c721961eefeb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
google-lineitem-id: 6794855697
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:29:07 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138491899530
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
content-length: 27334
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 51 KB
20 KB 141ms
97ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2251526090078478&correlator=4501031173086370&eid=31079957%2C31088084%2C31088109&output=ldjh&gdfp_req=1&vrg=202410150101&ptt=17&impl=fifs&iu_parts=7101%2CMPC_GPT_Monthly%2Cfrontpage%2Clrec1_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x50%7C300x100%7C300x250%7C300x600%7C320x50%7C320x100%7C336x280%7C300x600&ifi=2&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1729081747088&lmt=1729081747&adxs=1080&adys=349&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&vis=1&psz=300x113&msz=300x0&fws=132&ohw=300&td=1&tan=36215903-20fe-4479-9578-e0ca85bb95c8&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729081740540&idt=2263&adks=4178820884&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

493baac3d5baf968932fbe557a97ee285c4eb17256645513c5db3d63fae650df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
google-lineitem-id: 223174748
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:29:07 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138484048141
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
content-length: 20617
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 52 KB
20 KB 472ms
429ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2251526090078478&correlator=217437995728895&eid=31079957%2C31088084%2C31088109&output=ldjh&gdfp_req=1&vrg=202410150101&ptt=17&impl=fifs&iu_parts=7101%2CMPC_GPT_Monthly%2Cfrontpage%2Clrec2_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x50%7C300x100%7C300x250%7C300x600%7C320x50%7C320x100%7C336x280%7C300x600%7C320x480&ifi=3&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1729081747092&lmt=1729081747&adxs=1080&adys=2144&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&vis=1&psz=300x1908&msz=300x0&fws=132&ohw=300&td=1&tan=36215903-20fe-4479-9578-e0ca85bb95c9&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729081740540&idt=2263&adks=3700828885&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aee62004982ba23d3198d07581270784dc031d2681684615cb383c1bdf225ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
google-lineitem-id: 223174748
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:29:07 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138484048141
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
content-length: 20755
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 52 KB
20 KB 536ms
492ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2251526090078478&correlator=220202143789507&eid=31079957%2C31088084%2C31088109&output=ldjh&gdfp_req=1&vrg=202410150101&ptt=17&impl=fifs&iu_parts=7101%2CMPC_GPT_Monthly%2Cfrontpage%2Clrec3_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x50%7C300x100%7C300x250%7C300x600%7C320x480%7C320x50%7C320x100%7C336x280%7C300x600%7C320x480&ifi=4&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1729081747094&lmt=1729081747&adxs=1080&adys=2144&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&vis=1&psz=300x1908&msz=300x0&fws=132&ohw=300&td=1&tan=36215903-20fe-4479-9578-e0ca85bb95ca&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729081740540&idt=2263&adks=588007111&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f360d19c3cd2476ea12ced778e1dbdd6d184c13115f47aba3d599fbc8ab5e039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
google-lineitem-id: 223174748
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:29:07 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138484048141
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
content-length: 20693
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 31 KB
13 KB 196ms
153ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2251526090078478&correlator=3626012892566026&eid=31079957%2C31088084%2C31088109&output=ldjh&gdfp_req=1&vrg=202410150101&ptt=17&impl=fifs&iu_parts=7101%2CMPC_GPT_Monthly%2Cfrontpage%2Ccustom_1x1_welcome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1729081747096&lmt=1729081747&adxs=0&adys=5139&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&vis=1&psz=1600x5139&msz=1x-1&fws=132&ohw=1&td=1&tan=36215903-20fe-4479-9578-e0ca85bb95cb&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729081740540&idt=2263&adks=2182262688&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0833f2537221cb1ba9595ac02d879465f3728adafa1ba13f0fe7e52b6c4be27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
google-lineitem-id: 5387115781
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:29:07 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138313110509
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://ertrytj94.threeapples.workers.dev
content-length: 13232
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
5751df832b90a0a09a676a4b506e5c1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B10 0
0 142ms
45ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5751df832b90a0a09a676a4b506e5c1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertrytj94.threeapples.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 12:29:07 GMT
expires: Wed, 16 Oct 2024 12:29:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 209ms
121ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 12:29:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 12:29:07 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame FD7B 0
0 163ms
88ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvL8RCD97cZVCjxCqTM-aXcBspOV06PAq5zOCj8o9VoIU_IrR1zZh9Gcf0QLGWx3pLtNfgCeRNJOceoZFLzxKo15HtpvgK9IvC-hS6H2D77vO93xHorB8u37gQZTDfxQqX_N9faKub6-mgRaxTZIbjprNy5EtcNuMa83ayDj1ASTRIzvTargrocK0D1tUU2YHQ0xmKrYtqGxmw71olR3_p6q-wq55Agtz3DzTeRHXFYe7FYX6SfLIhDbW5FJPo-BYf9Ww0gIfEx7wybHDY_HJdKjLmUQezfR40XNvC-p_Zv_sbWfJKFF4tCV0PZGwhEsnuifPyFyujj8Cjsj0S_TG2oOjDdbAlzaL691ldfZ2yUBOEoQiNnT8hWHhE4pFpG3aTP8uz31ufvqh2791LM7XZDlbPjyen3rjOO-tjEtDykiQBXKAYDWcnzwRyYRD5gIpYYSCg&sig=Cg0ArKJSzFuT9K3cZ3UCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/ Frame FD7B 23 KB
9 KB 163ms
90ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 15243461546475837925
age: 61557
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 19:23:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 19:23:10 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9338
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FD7B 207 KB
64 KB 109ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 6298422545858495708
age: 411
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 13:22:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:22:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65271
x-xss-protection: 0
server: cafe

GET
H2 200 7439593092314140174
tpc.googlesyndication.com/simgad/ Frame FD7B 84 KB
85 KB 50ms
40ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7439593092314140174?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71343af0ed9b3f5fe834833e87ba5d19020529324fc10df67462eb347ef39896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

age: 98413
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 09:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 15 Oct 2024 09:08:54 GMT
last-modified: Wed, 24 Jul 2024 04:01:58 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 86387
x-xss-protection: 0
server: sffe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9D6E 0
0 103ms
73ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst3hYj0mJSeL9_y_zt7kS3tgrw-CwBvGsLxGGsQCO4FOzglcWEc3x7GNjCgAbaNluRGJSKsXOpxMeHQJLciehNbTq2HPBDJ5b-PNhc4cJxVOf5na4OGPFTDmxR4H3j9vtzoK5cmnqIEG3iISchTut_WCwH-PU_9hVaF2cCrUL0fOcI7fKZ9KqGl30lv1hpgAlt9Yx6IAhOfkeznbpfKvoZJ3YuIxFlNN-kR0hvV9YOuGlKJIkd5eqHQXZOPldIg7-SOuBKP2uOisIoyRA8ulMs4r1c_0rhZYUn6dU1g-qsKOzGzscToov02Q44U16PUX6NvWGqnlOVKETutjAI2mUTTJiG0jnbL4KA5zbDmmppRMzKRUa6XUpe3e1e2xWg1BHG8VBcLEw6Ge_11rifMIGfMCdH-V8aZV5l26u8_3D1MSKmmYJn2cBOG25UHC-Vu0_s98wk5v0QgwHDQwC9KOOno4OWFkHAl_pJQMv99&sig=Cg0ArKJSzJZnmD_uFtX3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ Frame 9D6E 12 KB
4 KB 202ms
9ms Script
application/javascript 2.17.190.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-130.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf6d7d444098448381f04cad4887c62c8ece4566e664ddccfc6cdebe825f8709

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: max-age=86400
Content-Encoding: gzip
ETag: "3194-61ac1c1a39f00-gzip"
Connection: keep-alive
Expires: Thu, 17 Oct 2024 12:29:07 GMT
Accept-Ranges: bytes
Content-Length: 4188
Date: Wed, 16 Oct 2024 12:29:07 GMT
Last-Modified: Thu, 13 Jun 2024 09:02:20 GMT
Content-Type: application/javascript
Server: Apache
Vary: Accept-Encoding

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9D6E 207 KB
0 66ms
66ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 6298422545858495708
age: 411
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 13:22:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:22:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65271
x-xss-protection: 0
server: cafe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 4566 0
0 135ms
36ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertrytj94.threeapples.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 11:51:10 GMT
expires: Wed, 16 Oct 2024 12:41:10 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame FD7B 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsugdAcCNf6uNmLpQ6tYmGjPudRgc5CNF02PW-KYorhv68WzYZNGv5wCcKC__nQbruMCtNCnaQEyGhh2Hkp99yd5-zZe_zrR0JrjtWTgX6Gs9hkwQyOcMzhA6TMqXsn8ZD-uR20O1YNKpU5OAvlP-XGaG8GnELoD4HmzRdAZ2ngrM2IGJ-vIRDHHZ6G6RCnVx5Az5kWEytq05o-HEM3MaAq-jx31xesVtRNxyJwXZQPIn3S6CREomYPvEz1CpPg0-USXiAB8nXB36xbjc9Nd9OPvO7CdN7SNkMC4JVUdoX0deAn4KCm0G-Sxyfdk56nR9bPK6_2u1_7y6AsL87cg_PbpNTDDXyxPr96mSxUNbBi_ZTcl43O5HlMoNJkrCz2byk1ZqDM0MDlC5-RLLIrzpfx-H_5o5QmIUfTGcLeEacfmTZLDRwEbxQ7oqd-uf3gF8zFPDTqu1Q&sig=Cg0ArKJSzBM7o5UZRXFuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD7B 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame FD7B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 032ac52be3e8c106368160409279b93f20a3b2d055118279220da944d33fe121

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK admanager-config.js Show response
cdn.innity.net/ Frame 9D6E 45 B
363 B 102ms
102ms Script
application/javascript 2.17.190.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager-config.js
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-130.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 607b848eda6aa9fb4a23d1a56b8576241aae9d3ae317a7ed52b63c4e6faefcd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: max-age=86400
ETag: "2d-620366f8b8000"
Connection: keep-alive
Expires: Thu, 17 Oct 2024 12:29:07 GMT
Accept-Ranges: bytes
Content-Length: 45
Date: Wed, 16 Oct 2024 12:29:07 GMT
Last-Modified: Wed, 21 Aug 2024 19:20:32 GMT
Content-Type: application/javascript
Server: Apache

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ Frame 9D6E 59 B
707 B 1347ms
326ms Script
application/javascript 47.243.203.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 1a03a5f97812e97b5ef89ce9a108eb9796dd1d7cba7864c211c89af80b88f07e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Expires: Wed, 04 Aug 1985 12:59:00 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 79
Date: Wed, 16 Oct 2024 12:29:08 GMT
Last-Modified: Wed, 16 Oct 2024 12:29:08 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame 9D6E 2 KB
2 KB 805ms
192ms Script
text/javascript 159.138.232.14
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1729081747600&ver=1&pub=8c59fd6fbe0e9793ec2b27971221cace&zone=88329&output=js&flash=0&url=ertrytj94.threeapples.workers.dev&width=*&height=*&vpw=1600&vph=1200&auction=4d4521d-e8cf9e9&ioptout=0&u=aHR0cHM6Ly9lcnRyeXRqOTQudGhyZWVhcHBsZXMud29ya2Vycy5kZXYv
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.138.232.14 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-159-138-232-14.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: d0ffced4d995b0fceda806b38da61a8825879e23650d4ec4a3f53a244b98abef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 775
Date: Wed, 16 Oct 2024 12:29:08 GMT
Last-Modified: Wed, 16 Oct 2024 12:29:08 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: text/javascript; charset=utf-8

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9ECF 0
0 70ms
69ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvrW-mSx9TV0-Gp5H1X8tSN41uvZnI7crZmL4I0PQVdUex8ATDRZVRo_5vubUL1HkDVZwvW1mPO-Os4I8OZlFEN2Qdke8LSTgG5uHSUWQm2k-yHMtcZZHPuEycgA24ghBRFbIm4z3XaiBM-E_9hjxTr2o0SWaLnl48yAl7q_pCig5n05shkM2M39ma5R59sHEdS0_vwXNJRKuTuktJydm_wcUHBWlQS7lmZ9SvNlyCs_KtA0OlxtkCq9t73drrdOhrndlugZ_YrvUZsVrmoDfC_gtcPwBXoekPvNAaP3grvE0ZUy161IwwDqBdJ5A6rLf3dk84W8gt09RULRLkS0u5_yc0fxUdvANEkfeqMjc3lcFrytr_dYPxxubDjFpUADX1ONT-aExJJHj-kCzObIdDONp6zGjZbLulMKgDNvaRf2od60HLZr0xvX3PAMG2XU96Tg7zky322B3yb86FgX71bVsrZ33ugV7G7&sig=Cg0ArKJSzI7RG233RBJyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/ Frame 9ECF 23 KB
0 163ms
90ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 15243461546475837925
age: 61557
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 19:23:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 19:23:10 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9338
x-xss-protection: 0
server: cafe

GET
H2 200 7439593092314140174
tpc.googlesyndication.com/simgad/ Frame 9ECF 84 KB
0 50ms
40ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7439593092314140174?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71343af0ed9b3f5fe834833e87ba5d19020529324fc10df67462eb347ef39896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

age: 98413
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 09:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 15 Oct 2024 09:08:54 GMT
last-modified: Wed, 24 Jul 2024 04:01:58 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 86387
x-xss-protection: 0
server: sffe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9ECF 207 KB
0 66ms
66ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 6298422545858495708
age: 411
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 13:22:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:22:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65271
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9ECF 0
0 72ms
71ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssKfs-ScBzFMbJJqEzFvEjifcTBYbM3wzKzdklWIRI3oIl6RUMrUmBMTIFOYdGIyK8m6WHDcqNB8mii-GfVwam2IJdZ9VTn43gplLNgAayaemfRx36hGspX9gi9gdfWNvPDGIrn-Ig0Muujb3r3QPqmKWDySHihm2HnsceUWC-RH7BXoNJ5fOuRBk0g4evXXBUb56T5YxKylV0CiMx7S6HI9jjNPqGtpH7eNN9QxVkzrZkTe0mzsgQoIffsixtk1RBAPhVOkTSQ52fsuPADbPjrPObGIIe47JWGvMVpZgmVb8v22pREXF1BsryVIm_q--fW6-ZIOsmmszn8Eik10ic9BQdK_SEcWvl8ha-lI_rTFgoIMBcOsZEFSwksqaIeKirF8YkLTUOL8XIIa_DqmSMyz-JHjMVEyhDgfcaNL9qLNqHFYq7QaYP7xbmWHbOiq_BcqZbw6AsaQprPczin38wi5weGSFBlWHPPXRo&sig=Cg0ArKJSzPqSj77CUYkDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9ECF 0
0 68ms
68ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CF1E 0
0 72ms
71ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvWtd9xswQuR7suQ9UlRrGlQzHHDaoiQQ3MbgQuCzli8PIKGcnnPwvefXjvtKhbKyRkz95EW-GmbePmGj4Y2k6-_TtgBrmF-ItkzB1_1VQM3OGOMKMvOIJKQ9g40DFF_doNZTMGUuiSE2sS2Z8sGpF2Uq9xTJA2KSABdEIiigms02n8DB56WYdd89Et3acbiefmlDHD1g7j0Ce7WURzpz5OR9Buf1lFO1AjpZpyeI8m81iEZ1XEyHTflTrA8S3Xo3eEh40b4xfCpz2JKFmu0K9yTDamprICUh7wPiwloS7MlLoK1YnGFah-nZOvtsvPxi3ouje3XNOJpGpxpO7g-ddaNRRQjsqblM-P8dM-qIO1_CloUq57Vl3_-QuSrUvqP9B1KFoNiKRjARTZzeAQz24E57QD3ovm9poDDTFUrvrRGp7_tilMQPl4a69NYtP4tV2YsCr0W4f6YUkMLPGOr-AiVMOHqMxK&sig=Cg0ArKJSzCxyEi9H9fFcEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/ Frame CF1E 23 KB
0 163ms
90ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 15243461546475837925
age: 61557
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 19:23:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 19:23:10 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9338
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/client/ Frame CF1E 3 KB
1 KB 36ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 61621
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 19:22:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 19:22:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CF1E 207 KB
0 66ms
66ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 6298422545858495708
age: 411
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 13:22:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:22:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65271
x-xss-protection: 0
server: cafe

GET
H2 200 7258712483303092829
tpc.googlesyndication.com/simgad/ Frame CF1E 99 KB
99 KB 51ms
51ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7258712483303092829

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f92227f9d4f379f41c785d81849b059bf0892dc7a77ec2ec643fd550655960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

age: 11708
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 09:13:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Wed, 16 Oct 2024 09:13:59 GMT
last-modified: Mon, 07 Oct 2024 04:05:49 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 101528
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF1E 0
0 82ms
68ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 9ECF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d86b96e299a239459a4af27b1d3147330571ea1b63097d63c0896a5ea090e9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CF1E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bca286f99ba4cc5f2e054080d72467c89f0b3e7dabb746f424b7819c56e9d3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 logo.png
bbbb.airnasusa.cf/static/images/ 14 KB
15 KB 1994ms
1993ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/images/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 693c28225e3e863b8b4947a69263037eba0332c8b7623706220ba78372dce68c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "80217dcc7c3dd61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rofmfyRSR2Vmu1r2f2zxIdN%2FVWZqCdkJlfzrcYhOSbYmtIi0cBo8pTrpI1IXQ%2BopRia%2BXBBVtPhgGFhbtFCEU58Nt7dXDqp5LT585Xp4eIr4jQ%2BCgwXMJOgn9u1jiW%2FH0FJ6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d7cbbfba8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 14675
date: Wed, 16 Oct 2024 12:29:09 GMT
content-type: image/png
last-modified: Mon, 08 Jun 2020 10:08:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E670 0
0 78ms
77ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu34pebeTfKFH-Xy2AWG2WFIws8lvT6BURT1N34bAp0F1m_tshY7ZLsngZollLnzqMf5kSYjIMh-TYRE4xtujAkm_PGd4EADiRcdrH9AfX-wPL0XvwN7k0BZrP4C-zA4L2Zz9hmQ9CUpaD5grA8i_A2MkBXM5YGqxGpDubGOmvV_jjuyooGgG1CvcejokkH_ai0y5XEW3YYALjavcAzhDamuCxCT5mZAy1vuXkw0pCFkzsVjvbxiO8pouMoKEtgI3XhakpgI0fTS-NBfnLvDZ30h67Rbg0jWUF24RrbR7ROpGi2U4Kf9Bh4uqrytrXP8HurC3U8iZgLN4jVUvZasd_73_Rask9tKXNQdtXZ5UwScVHgIOU82Xk07S0Z9J3yTjcMyM2PIyDmHOAMr_DliN2wRp3pkfmJGC_Kv09V56zGXO8sN9kp0XsMGfQIhUlpLzzJo5h34FQjHYF_GyFZQJRUPX_zwbOvdGgv&sig=Cg0ArKJSzCXiDAMMfHJqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/ Frame E670 23 KB
0 163ms
90ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241014/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 15243461546475837925
age: 61557
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 19:23:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 19:23:10 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9338
x-xss-protection: 0
server: cafe

GET
H2 200 7439593092314140174
tpc.googlesyndication.com/simgad/ Frame E670 84 KB
0 50ms
40ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7439593092314140174?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71343af0ed9b3f5fe834833e87ba5d19020529324fc10df67462eb347ef39896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

age: 98413
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 09:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 15 Oct 2024 09:08:54 GMT
last-modified: Wed, 24 Jul 2024 04:01:58 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 86387
x-xss-protection: 0
server: sffe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E670 207 KB
0 66ms
66ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

content-encoding: br
etag: 6298422545858495708
age: 411
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 13:22:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 12:22:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65271
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E670 0
0 70ms
69ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstyR_Ce_IVONfIngGQaIbUhuMX2ZoRjnLdjDHVqgMbJttfF9p7USsPmsTjhj-3wnNZdhm-9sIQPlAnNlG1PfRqTj56IlElFkauvZ1rD6XAaR5OVlLZvOXj72XhYq1iMxGtCX99cEIxh9rNjDLlTXPDMDSjfJ201gqlgADZG8szQOg5WxbeQXF_WyB3emh2s0BjeKEZ3y4-2heU1KUprgGHYEuGfLWZ5nyDdYlQn79RwcyzlJ3VzVN1bJky6u8Fe_5ZAZ-FWBFhaq0Wc0JD3mrpjUtGEAKFbCktj9IZ9YIrVtwgAU4Yj2JHRPJ01TRxaln73R3iTIo_x1XUVP_YfTksOZeaXBJvyLNvAuFhYra9U3IH4V1XJPGtkY3kHAR68wiq5C-9oU6-kkg67KCwKmEjFi4rt4sA_LdKbQKg6wVt7vtujU7_sBtJV0q_2Yj9-ouXpgBF5ASc0WVHqJgaIRrPqu8sBhQAnzS6zga4&sig=Cg0ArKJSzPWYOQx7H4GIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E670 0
0 71ms
70ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CF1E 0
0 79ms
78ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss4pnvC16Qtw76sOoVqJD-hett3aJ4LAQkZG7D4LZwrk-lKvf3IB7IlY5N49alS-vUurpMU_FoRzyRv6TqYx0BXimQQKg5R0t2qgQBZb0FDtXpeJIqzGiX-3x8xoiDDN5mIWZNKFrDDu60DU5uPoVMtTcItw2GTAOZoJkFnV6ObAcBenaqPbg5KBHS18wY8MNOv5oezsBZRagGUv1upP6qMPB9C5EOIjiFYuCArhR1BMjOuOFpdH3FVNiooeCNpmMiw165aqQvwL8r25zAfF6qG6D0oV-u4MAciibshNl20VaNHydYK_3eeLUqmvomkBknDP-GsbaENBThX6t1e4WwTxyu6z8eWD8KcEquudv4XqoqZDOgIQAgwiCL5T0BtLl542MyQaFw__hqWvW3gpaObB_twxjxvYLfnzDpSwfU6iPPjrk6JXxPaI7StZqgHmzt3cOow5HonTPGavCpNMgtvO-eOmcUmVow&sig=Cg0ArKJSzAsA20erkdcCEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame E670 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fbf8f11fa3afd72c833cf52c8a851eeffeb3ac3a6e6ff1c2da1e5f7ddf19e30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK innity_blank.js Show response
media.innity.net/adnetwork/default/ Frame 9D6E 1 KB
841 B 232ms
28ms Script
application/javascript 2.17.190.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.innity.net/adnetwork/default/innity_blank.js
Requested by: Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1729081747600&ver=1&pub=8c59fd6fbe0e9793ec2b27971221cace&zone=88329&output=js&flash=0&url=ertrytj94.threeapples.workers.dev&width=*&height=*&vpw=1600&vph=1200&auction=4d4521d-e8cf9e9&ioptout=0&u=aHR0cHM6Ly9lcnRyeXRqOTQudGhyZWVhcHBsZXMud29ya2Vycy5kZXYv
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-130.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 95767e63cd01709ecc9ba635292a11c5deb22f78cf4210a97698ab7c8392f112

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: max-age=1800
Content-Encoding: gzip
ETag: "52e-5cb49ec79a700-gzip"
Connection: keep-alive
Expires: Wed, 16 Oct 2024 12:59:08 GMT
Accept-Ranges: bytes
Content-Length: 470
Date: Wed, 16 Oct 2024 12:29:08 GMT
Last-Modified: Mon, 06 Sep 2021 01:54:04 GMT
Content-Type: application/javascript
Server: Apache
Vary: Accept-Encoding

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FD7B 42 B
65 B 75ms
75ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqFa_xyewQ94KG5MfXb8-v-tU7CkImedXq1GuyVClPMyddG7GICvCNlGkw-pDB8bo1sRnoLy5pO_0hkvLQZO0meuX5MKXF0O0nJoV_A3vavlJzTNiq_q8m7bXDY58dQ3M_v3n44HwY1pNYKOm7fYf76p2Pog1mVb-A74QXPsn-fbhmwIWheDNKFfXAKgnYvQd4Y32S_xM&sig=Cg0ArKJSzMRgjjF6fc5IEAE&id=lidar2&mcvt=1001&p=348,1079,602,1379&tm=1026.5&tu=25.600000381469727&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20241014&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=4178820884&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2501454700&rst=1729081747271&rpt=280&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 12:29:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK container_576b5a051c51b1c0244bca09.js Show response
ssl-avd.innity.net/1/ Frame C12C 13 KB
4 KB 162ms
9ms Script
application/javascript 2.17.190.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-130.deploy.static.akamaitechnologies.com
Software: nginx/1.24.0 /
Resource Hash: 0904b1b0ce662b3f8309a32591df50106b3a4be39f58ff48a4d638566be5b658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: public, max-age=674719
Content-Encoding: gzip
ETag: "66f27048-3332-gzip"
Connection: keep-alive
Expires: Thu, 24 Oct 2024 07:54:27 GMT
Accept-Ranges: bytes
Content-Length: 3942
Date: Wed, 16 Oct 2024 12:29:08 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Sep 2024 07:54:48 GMT
Server: nginx/1.24.0
Vary: Accept-Encoding

GET
H/1.1 200
OK container_549927e79bd1fa1a040041a9.js Show response
ssl-avd.innity.net/1/ Frame DDCF 7 KB
3 KB 158ms
11ms Script
application/javascript 2.17.190.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: public, max-age=1331333
Content-Encoding: gzip
ETag: "5f45ee87-1dd4-gzip"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 22:18:01 GMT
Accept-Ranges: bytes
Content-Length: 2863
Date: Wed, 16 Oct 2024 12:29:08 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 Aug 2020 05:09:27 GMT
Server: nginx/1.18.0
Vary: Accept-Encoding

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ Frame 9D6E 199 B
545 B 8ms
8ms Script
application/javascript 2.17.190.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/analytics.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-130.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 580651dd51de7edef1ae471bb8ec51747ce5e814a7679978ef1a0af2ce88020a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: max-age=86400
Content-Encoding: gzip
ETag: "c7-61ac1e1c41bc0-gzip"
Connection: keep-alive
Expires: Thu, 17 Oct 2024 12:29:08 GMT
Accept-Ranges: bytes
Content-Length: 174
Date: Wed, 16 Oct 2024 12:29:08 GMT
Last-Modified: Thu, 13 Jun 2024 09:11:19 GMT
Content-Type: application/javascript
Server: Apache
Vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D6E 0
0 68ms
68ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 12:29:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET /
optimize2.innity.com/ Frame 9D6E 0
0

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame C12C 20 KB
7 KB 216ms
21ms Script
application/javascript 2.17.190.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-130.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: public, max-age=428050
Content-Encoding: gzip
ETag: "61725cee-5149-gzip"
Connection: keep-alive
Expires: Mon, 21 Oct 2024 11:23:19 GMT
Accept-Ranges: bytes
Content-Length: 6407
Date: Wed, 16 Oct 2024 12:29:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame C12C 7 KB
3 KB 51ms
7ms Script
application/javascript 184.28.88.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-88-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=28443
content-encoding: gzip
expires: Wed, 16 Oct 2024 20:23:11 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2416
date: Wed, 16 Oct 2024 12:29:08 GMT
last-modified: Thu, 16 Nov 2023 09:12:08 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK /
avd.innity.com/uidsync/init/ Frame 6C67 43 B
609 B 428ms
348ms Image
image/gif 47.243.203.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1729081748834
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Wed, 04 Aug 1985 12:59:00 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Date: Wed, 16 Oct 2024 12:29:09 GMT
Last-Modified: Wed, 16 Oct 2024 12:29:09 GMT
Content-Type: image/gif
Server: Apache

GET
H2

200

sync
x.bidswitch.net/ Frame 6C67
Redirect Chain

https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1729081748834
https://x.bidswitch.net/sync?ssp=innity&user_id=1c917f9d8c4f4f54b4c330988592fe44

43 B
183 B

63ms
21ms

Image
image/gif

35.214.136.108
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=innity&user_id=1c917f9d8c4f4f54b4c330988592fe44
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: H2
Server: 35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 16 Oct 2024 12:29:09 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://x.bidswitch.net/sync?ssp=innity&user_id=1c917f9d8c4f4f54b4c330988592fe44
Pragma: no-cache
Expires: Wed, 04 Aug 1985 12:59:00 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Date: Wed, 16 Oct 2024 12:29:09 GMT
Last-Modified: Wed, 16 Oct 2024 12:29:09 GMT
Content-Type: image/gif
Server: Apache

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF1E 42 B
65 B 69ms
69ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstot9IAxYax_6AjS0kv4DZK1yzB0ErjrZJQiAqvJ-SlwDtOgayl9azJDPSyTwfjYsi1S5-76C8q1qk19z2NZh9SF9ixQnrZWVAEKwaTSBSObL7EFmMneQ_EmXu10PH5cr0J9P93v18pDMpCsFajA2cEHnp_jmlsJPQTB-CAjVGys3iCr_kg_OY3De_FopEnQuKh_6whcYE&sig=Cg0ArKJSzMSsnWhzZtlwEAE&id=lidar2&mcvt=1000&p=64,580,154,1308&tm=1149.3000001907349&tu=149.80000019073486&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241014&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2024665842&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2501454700&rst=1729081747693&rpt=177&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 12:29:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C8F9 0
0 18ms
7ms Document
text/html 184.28.88.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-88-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://ertrytj94.threeapples.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=134895
content-encoding: gzip
content-length: 5633
content-type: text/html
date: Wed, 16 Oct 2024 12:29:08 GMT
expires: Fri, 18 Oct 2024 01:57:23 GMT
last-modified: Mon, 26 Aug 2024 15:25:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK /
avd.innity.com/sync/ Frame C12C 43 B
452 B 548ms
334ms Image
image/gif 47.243.203.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=0311c2338c05513fef2c2df4c1598934&type=cookie&itmcb=1729081749052
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Wed, 04 Aug 1985 12:59:00 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Date: Wed, 16 Oct 2024 12:29:09 GMT
Last-Modified: Wed, 16 Oct 2024 12:29:09 GMT
Content-Type: image/gif
Server: Apache

GET
H/1.1 200
OK /
avd.innity.com/dc/ Frame C12C 43 B
609 B 551ms
327ms Image
image/gif 47.243.203.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=1&cuid=0311c2338c05513fef2c2df4c1598934&cb=1729081749053&douid=&sess=107633731.1.1729081749052&dur=0&ref=https%3A%2F%2Fertrytj94.threeapples.workers.dev%2F&srf=&pk=&pt=%E6%98%8E%E5%A0%B1%E6%9C%88%E5%88%8A&sr=1600x1200&ul=de-DE&de=UTF-8&vp=1600x1200
Requested by: Host: ertrytj94.threeapples.workers.dev
URL: https://ertrytj94.threeapples.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Wed, 04 Aug 1985 12:59:00 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Date: Wed, 16 Oct 2024 12:29:09 GMT
Last-Modified: Wed, 16 Oct 2024 12:29:09 GMT
Content-Type: image/gif
Server: Apache

GET
H3 200 logo.png
bbbb.airnasusa.cf/static/images/ 14 KB
0 0ms
0ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbbb.airnasusa.cf/static/images/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 693c28225e3e863b8b4947a69263037eba0332c8b7623706220ba78372dce68c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ertrytj94.threeapples.workers.dev/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "80217dcc7c3dd61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rofmfyRSR2Vmu1r2f2zxIdN%2FVWZqCdkJlfzrcYhOSbYmtIi0cBo8pTrpI1IXQ%2BopRia%2BXBBVtPhgGFhbtFCEU58Nt7dXDqp5LT585Xp4eIr4jQ%2BCgwXMJOgn9u1jiW%2FH0FJ6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d380d7cbbfba8f8-SIN
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 14675
date: Wed, 16 Oct 2024 12:29:09 GMT
content-type: image/png
last-modified: Mon, 08 Jun 2020 10:08:47 GMT
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.woff2

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.woff2

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.woff

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.woff

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.ttf

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0

Domain: bbbb.airnasusa.cf
URL: https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.ttf

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410150101&jk=2251526090078478&bg=!v7ylvPPNAAaUWUsktFk7ADQBe5WfOBV8OefbQFLU2Duw95k1sTELxsKV7fNsxIGEPaWVgD0JJqTUTEuL-JSLU_dXqhIkAgAAAIFSAAAAA2gBB34ANgKKs7c98_-jnS1L0VWjVEjELmVMEBAS0Hs3WbTe6uajHwf6K5HVGwGgIHztyncysSHObbfZNpkCqpM5cbxHFmuOOvDmPwVRLjlvzb9qdPHjkYVXTnn1CP25zA70GTy606Vb-mUZUFQl3lMNUZ-DdeFWa3GKyz2KOyfiH39y-WNcp0Jn_V_KF3cTBYGUDtYY5KwDGUjSgmNWPLdyclqjvygl8nD8oE6hjoiVsLHi_v_J1GOWsoev2adQHZ6RWaJlkK-CDrL2nJLvSJT4TTtJuti-PVY_OfQbId12QRu1ZavcHMergFsnRa4gioa9cwG09OXFCZxmRoZTYHRIPy4xl5hN3nmeNz5DzuHb835YuXplX2n1Rp345crEySpdIMOJA4vaIYIxhmBi0tedlXFmrDaRJ-di9rzGo0UEnpytB4wSutR1OJZbUDjHaDbcSs3105Qfl5uyQytGuTJaBbHlRHkVNSEbEXVjTvbD3BMJRl2371w-ui0yJ-1DUTcs8-oIVLl9gK89j9y0AJlkOzDSsvRTa3p0-l7g8SoImdjiZNzV_NuSjZ6e95-LSnmMfL6ov1ZPIHRoMI8MlRYoD6rMA2DKc6qRDNR7gdzfGRTd9D8Fy5zb1OopJ3Lty0YE_N_HzCaG9CHnpwS29kVOJi6oK3zQGNEK4FPt5TLjbGQod6cf-6QqzSEGTXc8PsgaSPkReWZzh_QWMoco1rUrzjxinut8vSMI0zLUbDR6acq7UNeH-If4BbLlOIHR_YPCbL1LR1g8hfCCWR8flqusGbxqaEsGoVPVZYuB7CNK7MtDIkqH_Y8p0HA8r8q19rzbUwSKoa2bjEjnA_f0nd3bcf_gfnF1lzwTOrtjGlUayl4mOVyuzAZEaGHzTdIkmHHmlv3KY91ZZpQvsVcGioFia1dMOBBYAdO9MsEtgg2BVFypSuNv243DSvf6PnlpSkaju_3pEvB14zuJG37aKjbVp7i_dzx8rv0

Domain: optimize2.innity.com
URL: https://optimize2.innity.com/?pubid=2554&zoneid=88329&cb=1729081748678

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ertrytj94.threeapples.workers.dev/	1969-12-31 23:59:59	Name: PHPSESSID Value: f54bgphkbt3h5dl8i0h7shkqek
ertrytj94.threeapples.workers.dev/	1970-01-21 00:18:08	Name: XSRF-TOKEN Value: eyJpdiI6Im93b0twZnhGWjd0cGZDOU5HbHFlN0E9PSIsInZhbHVlIjoiZnFEK08zREVpYUVqWHZ1eEM3WGNuZXJOM0VuY09DVDNQdTRlRVRmWm5QMUk1bEFkSkpSSGt1b3k3cGhxbUVWVW8yYnVRanhMZ1FDbzNjNXpTRnRiWnNTZlEvcnhaT2JYbmFJUnRGdlIwYXl6bGNNa3gxOVQ1cFAzZVc5c1JIZEUiLCJtYWMiOiI4MGMyMmY3OTJhMTFlMTE5NzJmY2YwNDlkNzk5NjIwYWRmNzM4MjQ5ZWY3YTIxYTg3ZmQ1N2M5MmYxMDY4YWViIiwidGFnIjoiIn0%3D
ertrytj94.threeapples.workers.dev/	1970-01-21 00:18:08	Name: _session Value: eyJpdiI6IjZ5NC8vSi9COXViM05WeFNZNWUyOWc9PSIsInZhbHVlIjoiUEpHRG1vUXkyRWl6QklYSnZBcThVTWh3U3FEOUtVS3lDZmNNQVdPUERrUnFyelRMVE15eTI3SUdSbW1CWXdqOEZGU1lwc1laTjQybVV6TG5kTXZKY1EyNU8rOGh3NlBEcDAxV09yRnFoa2lzNnhwekVoUWZJMUcrcnRxUkhyU0MiLCJtYWMiOiIwYzBiMjZiNDU3NDczZGRjYzczM2RmNjE0NWM2NjJlMjExZmNlMzZiOTJmNzBmZWE0NWZiMDI2YjE1NzgyMjEyIiwidGFnIjoiIn0%3D
.threeapples.workers.dev/	1970-01-21 09:54:01	Name: _ga_7435193Z78 Value: GS1.1.1729081742.1.0.1729081742.60.0.0
.threeapples.workers.dev/	1970-01-21 09:54:01	Name: _ga Value: GA1.3.589779022.1729081743
.threeapples.workers.dev/	1970-01-21 00:19:28	Name: _gid Value: GA1.3.1045018121.1729081743
.threeapples.workers.dev/	1970-01-21 00:18:01	Name: _gat_gtag_UA_4717822_61 Value: 1
.innity.com/	1970-01-21 00:19:28	Name: iGEO Value: DE%7E05
.innity.com/	1970-01-21 00:19:28	Name: iGEOV2 Value: DE%7EHE
.innity.com/	1970-01-21 00:19:28	Name: iSync Value: 1
.ertrytj94.threeapples.workers.dev/	1970-01-21 00:19:28	Name: freq.5e661e8b47e7043d03000003 Value: 1
.ertrytj94.threeapples.workers.dev/	1970-01-21 00:19:28	Name: freq.5f462d2c47e7044a01000002 Value: 1
.ertrytj94.threeapples.workers.dev/	1970-01-21 00:19:28	Name: freq.65279e2647e7041906000000 Value: 1
.ads.pubmatic.com/	1970-01-21 00:19:28	Name: KCCH Value: YES
.innity.com/	1970-01-21 09:54:01	Name: iUUID Value: 0311c2338c05513fef2c2df4c1598934
.threeapples.workers.dev/	1970-01-21 09:54:01	Name: iUUID Value: 0311c2338c05513fef2c2df4c1598934
.ertrytj94.threeapples.workers.dev/	1970-01-21 09:54:01	Name: iUUID Value: 0311c2338c05513fef2c2df4c1598934
.threeapples.workers.dev/	1970-01-21 00:19:28	Name: innity.dmp.cks.innity Value: 1
.threeapples.workers.dev/	1970-01-21 00:18:03	Name: innity.dmp.1.sess Value: 1.1729081749052.1729081749052.1729081749052
.threeapples.workers.dev/	1970-01-21 00:18:03	Name: innity.dmp.1.sess.id Value: 107633731.1.1729081749052
avd.innity.com/	1970-01-21 00:19:28	Name: geo Value: EU%3BGermany%3BDE%3BHesse%3BHE%3BFrankfurt%20am%20Main

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-56020fb93aa96cc1 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__zh_tw.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__zh_tw.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.woff2' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.woff2' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.woff' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.woff' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.ttf' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/fonts/fa-regular-400.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ertrytj94.threeapples.workers.dev/ Message: Access to font at 'https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.ttf' from origin 'https://ertrytj94.threeapples.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bbbb.airnasusa.cf/static/fonts/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5751df832b90a0a09a676a4b506e5c1e.safeframe.googlesyndication.com
ads.pubmatic.com
as.innity.com
avd.innity.com
avd.innity.net
bbbb.airnasusa.cf
cdn.innity.net
connect.facebook.net
ertrytj94.threeapples.workers.dev
fs.mingpao.com
media.innity.net
optimize2.innity.com
pagead2.googlesyndication.com
region1.analytics.google.com
s7.addthis.com
securepubads.g.doubleclick.net
ssl-avd.innity.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
bbbb.airnasusa.cf
optimize2.innity.com
pagead2.googlesyndication.com
142.250.181.226
157.240.253.1
159.138.232.14
163.181.92.181
172.217.16.130
172.217.16.195
172.217.18.99
172.67.136.235
184.28.88.244
188.114.96.3
2.17.190.130
2.19.225.248
2001:4860:4802:32::36
2606:4700:3033::6815:490b
2a00:1450:4001:806::2001
2a00:1450:4001:812::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9a
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
35.214.136.108
47.243.203.231
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
032ac52be3e8c106368160409279b93f20a3b2d055118279220da944d33fe121
04c1b90950265ad54d86b0dd6bb85c464d13da561588c69de086d202a33b0b55
059acb78199c38759718ffe6509fee612817f9676c8beec8b82fc5f8b54bf977
063691ce734d5091d648d33cf796fcbbb226685ff0aef818fa7a9e2d869c0016
0833f2537221cb1ba9595ac02d879465f3728adafa1ba13f0fe7e52b6c4be27c
0904b1b0ce662b3f8309a32591df50106b3a4be39f58ff48a4d638566be5b658
095c80bd8faf58bdabea00d7078dbc53555d9259c4e59057f7e3e057f8cc5174
0b930122af2e00b5c9ff7e97ef6c6f41d01cb99188e1ad183e7fd7b639626039
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13e0f4b7e063454f3fee678574e4f739e138f2779b1829418b40d973361596e4
14f92227f9d4f379f41c785d81849b059bf0892dc7a77ec2ec643fd550655960
1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6
1896028deda7561bb8447c54d86adc7af92538133a1710e483a236ff9e2873d9
1a03a5f97812e97b5ef89ce9a108eb9796dd1d7cba7864c211c89af80b88f07e
2287070089dd8219d7c57bde79bc7b6f9d5e6ac3c5d17de01b77087c4deba294
2b28b5b1ff4a807ec281585c160c2fe05696e54814b02498d6c28258dccd93f9
2b2df6ea1708e36840f554d26080cd87efc24ed9b9ee7b0b8446d7c49a48736e
2c0ef88e8ded0c3ea6f5b6369c6ed124da8041ab4a4ae1ca8926facf9a84c87b
2d63b8ad7966c80ce51051da38da14f52b99cfb019aec650b2437fc74fac1560
337902de2cc98c8dff8b07c398a7c33c4b4c34748e65b358a9bf873153d505a3
35da838272760682e73dbaba7976a429642bbe614de0cd007658c3f787bb52a4
3ab832b2c04011c34e585322a9839916ba12fb62306fc1b1512c23ec2cb6f42d
493baac3d5baf968932fbe557a97ee285c4eb17256645513c5db3d63fae650df
4b5f92a6011fae08bf5e0c019658022462b92269bb77aa107b00fb91b74385b6
4d59cdc5274b65d3e962d266f7d46f92573fa05247a7b3a1b3d33e0da09afa91
4dcef37cb13cff08822faed98d717a86e8df2364b33a4347695dd3502b5d4ff7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f00f9ed283ca0b8229dcfc651fdf76145a847159ca25d18708e8a5bbe3747f6
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550b73e0c0aec915a041325949acdb92f807c636fd8554e00346fff5a3c51b18
580651dd51de7edef1ae471bb8ec51747ce5e814a7679978ef1a0af2ce88020a
592e81b6cea7d6e226497bfa57722b8ae306281cf092d243bc96f4688c1147c2
5a5176d831bcbcb91dbaa56013bbaa0e727420391705b5df454907e0694365bd
5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2
607b848eda6aa9fb4a23d1a56b8576241aae9d3ae317a7ed52b63c4e6faefcd2
61576c8cea1c331ab39fbe1aba96c3c77f4b93caaa8441c4833d20114cd746f8
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
66f63f92598af33d43fea0fcda63f0413ee2817643c6a307b33ffa58359f4268
6719dd6012b88079db333c12a5836e5d4bccdb12ed6f348088a2be0051d99ef7
693c28225e3e863b8b4947a69263037eba0332c8b7623706220ba78372dce68c
6a05b5a94bcc25fdca44e9e1f5c6e92dbe9029e3966cd430d395e0562655a250
6b5f30162badf939fb69e8aa57726759e3cebca6325beac34579445eb27690d1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce7374a73bcef01a7eac31045895ec78692497e4f596a18ccf32958f6521eb0
6d1862b8191d2d7d3ddc5fb935211b8316203028f50fa865aa8230de6e6566ea
6d499f80c5b9c5c716e7773fed830f2f95dc7f65b29a4bc15a5b6d89a9f2e2cc
6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e
6fbf8f11fa3afd72c833cf52c8a851eeffeb3ac3a6e6ff1c2da1e5f7ddf19e30
71343af0ed9b3f5fe834833e87ba5d19020529324fc10df67462eb347ef39896
733664ac0168d9b8001dee6bdf2a0f5e0e6ea951c57ba5159d808f6cad51f872
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b29a89dccd63c5a9c8363bb6e44f9a164ea59a95539be11c783a6fbab35ab15
7d86b96e299a239459a4af27b1d3147330571ea1b63097d63c0896a5ea090e9e
80184c6a9d841c3254584df094aa329e08119d92f61953bf799bb76ee3aea56f
8534368733743a14a503307079a03d921c33943441346ffe2a83d2b1cba34e27
92dd15ecb41ce8e723ab01b7f3f2ca9c684073f77a7e4cde8b122eb32698f0e3
95767e63cd01709ecc9ba635292a11c5deb22f78cf4210a97698ab7c8392f112
96344083f9b3ae5b3316d0e6963e519beade434c6e52977191222ee4ff9ce678
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
96c1d938b90285cc4ac541ea35928bdbb43f1722228c267eb2c70220bd75446e
9a762ccbec72f15f2ae7e1a1e615aded4c3f6ef4a497d1206e569c74e6f395d2
9aee62004982ba23d3198d07581270784dc031d2681684615cb383c1bdf225ad
a011b30df905e9a2368facf8900cc7499750a3a44df79e477a59cf35f2149996
a937efd6f5160381fbf28854650a57f30fe43a2edfbaca9c05deba25cc3156b3
aab0b0752d39ebc070486d884cfe4328e9543dd6aa7d00cf03a31a35f5606961
ae270bcb50f2d50d85d66e5fa909ad765d6a899b387bb6508d3d3e94bad43ec1
bb4d049994d611c9ec103647ac7a9e201be9fe687bfbe646f1aa0217bfb30813
bbbd4edd726d7a69067f4e434f37570c057a43a172ecbc02e3757088c613208b
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9
bca286f99ba4cc5f2e054080d72467c89f0b3e7dabb746f424b7819c56e9d3fe
c08362ed9349936de2fd6f30501d153300f037a046ca269b80bf611728432207
c7a9b7c0c58029732ea3cf41cf2daf57ac122e2af2d76597225cd9061d488e12
c859be96de616000f8674c4957e7a5dd019251185209713651c6d9af7b909a6c
caf5b513d25fbb70aa4bdbb26e3ebc1015feb8d2ac362e114b19fb0beb5f4cbc
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf6d7d444098448381f04cad4887c62c8ece4566e664ddccfc6cdebe825f8709
d0ffced4d995b0fceda806b38da61a8825879e23650d4ec4a3f53a244b98abef
d15c3163acc1e2ae7deffd9061e89913d5553912b0ddb32183e680dec6e15dfb
d16f0d9322648fc1172eb8208f912f20bad8ac0851c887a1c7868274d5f7dc88
d3c1e68fc4bc2a76968b26980639f945779b2650051a5ae5e0c05b68e00bec00
d642e58114bbcf48f1bb72d671c8a0e01ecb7e10f62568e909a9f7805f310286
d65836e1d589fb9580a78e1782d4dadc8b53a57835a170b105ad079dff551127
d6ef91a8d6ce940b5973efb82b2733e43da517383416b5a9b7b3a7daba4bf3ad
db06dcfa0112b05cef7abd20fadc5baf632a316515f07cfd4fceb436c8a0cb1b
dc677724ba38a275256838df9edec6971af5005383f2ddfe96f37e6809e74e5a
dcdf3bf4f8a89be20d6875229258e61cd9c3a510e694756ebec98d5d90bfce33
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debb16ba6256a783021016187fde0d3245f5e0c986a398aedc02ce4df5cc4055
e1c8692c13b885eaba7c46ad68373a48f380f20752e6efa6fd3adf95edf5c966
e33e41ef7541fd82c2ef18d08123e02ffde629e68dce7d0b84c721961eefeb12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
ea427e862da0f0789701c4331b0b84e73c4c6f635e27493b760e24c138821711
ec1716e17f07c7f5e72bfeb9f14aec816ff474824dbf366999096004b13e47d0
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f360d19c3cd2476ea12ced778e1dbdd6d184c13115f47aba3d599fbc8ab5e039
f816f00cec4fb8b7ffef8a55d7ad6a407ca477b374d2c14928d63b8706e7c011
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

ertrytj94.threeapples.workers.dev Open in urlscan Pro 2606:4700:3033::6815:490b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

92 %HTTPS

42 %IPv6

17 Domains

25 Subdomains

25 IPs

6 Countries

3734 kBTransfer

6640 kBSize

21 Cookies

100 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ertrytj94.threeapples.workers.dev Open in urlscan Pro
2606:4700:3033::6815:490b Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

92 %
HTTPS

42 %
IPv6

17
Domains

25
Subdomains

25
IPs

6
Countries

3734 kB
Transfer

6640 kB
Size

21
Cookies

143 HTTP transactions
4 data transactions