sdqk.me Open in urlscan Pro
52.202.168.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sdqk.me/BeJoqO1L-fZbffAw4L/nexus-mods-giveaway#/enter
Effective URL:
https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideq...
Submission: On February 07 via manual (February 7th 2023, 3:33:25 pm UTC) from FR — Scanned from FR

Summary HTTP 48 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 48 HTTP transactions. The main IP is 52.202.168.65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sdqk.me.
TLS certificate: Issued by R3 on January 19th 2023. Valid for: 3 months.

This is the only time sdqk.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	52.202.168.65 52.202.168.65	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
5	2600:9000:225... 2600:9000:2250:5c00:1a:5e61:8e00:21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:11a... 2a02:26f0:11a::217:9a48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.250.201 52.222.250.201	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a04:4e42:41::84 2a04:4e42:41::84	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2 4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
48	20

3 52.202.168.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-168-65.compute-1.amazonaws.com

sdqk.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2250:5c00:1a:5e61:8e00:21 (United States)

ASN16509 (AMAZON-02, US)

d3v7rsyt5bz8s8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a48 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-201.fra60.r.cloudfront.net

d1hrk5gt3yn7pi.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:41::84 (Vienna, Austria)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 824	720 KB
6	cloudfront.net d3v7rsyt5bz8s8.cloudfront.net d1hrk5gt3yn7pi.cloudfront.net	563 KB
5	facebook.com 3 redirects www.facebook.com — Cisco Umbrella Rank: 107 web.facebook.com — Cisco Umbrella Rank: 233	38 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2645 log.pinterest.com — Cisco Umbrella Rank: 3720	19 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 738 syndication.twitter.com — Cisco Umbrella Rank: 1011	132 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 436 p.typekit.net — Cisco Umbrella Rank: 598	22 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5058	295 KB
3	sdqk.me 1 redirects sdqk.me	13 KB
2	google.com apis.google.com — Cisco Umbrella Rank: 92	115 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	89 KB
2	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2171	645 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295	23 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3104	160 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	340 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	38 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 3942	17 KB
48	17

	Domain	Requested by
10	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
5	d3v7rsyt5bz8s8.cloudfront.net	sdqk.me browser.sentry-cdn.com
4	www.facebook.com	2 redirects browser.sentry-cdn.com connect.facebook.net
4	www.google-analytics.com	sdqk.me browser.sentry-cdn.com
3	pro.fontawesome.com	sdqk.me pro.fontawesome.com
3	sdqk.me	1 redirects browser.sentry-cdn.com
2	assets.pinterest.com	sdqk.me assets.pinterest.com
2	platform.twitter.com	sdqk.me platform.twitter.com
2	apis.google.com	sdqk.me apis.google.com
2	connect.facebook.net	sdqk.me connect.facebook.net
2	res.cloudinary.com	sdqk.me
2	use.typekit.net	ajax.googleapis.com sdqk.me
2	ajax.googleapis.com	sdqk.me
1	log.pinterest.com
1	web.facebook.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	platform.linkedin.com	sdqk.me
1	p.typekit.net	sdqk.me
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	d1hrk5gt3yn7pi.cloudfront.net	sdqk.me
1	www.googletagmanager.com	sdqk.me
1	browser.sentry-cdn.com	sdqk.me
48	22

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
www.sideqik.com

Subject Issuer	Validity	Valid
sdqk.me R3	`2023-01-19` - `2023-04-19`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-16` - `2023-02-14`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Frame ID: EB54E7127C59A21ED235EE693985CC0B
Requests: 35 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsdqk.me
Frame ID: 8CEC0ABDC7A3C66707746D3433569053
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550
Frame ID: 8308002B0096120676BDA2479A6528D1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nexus Mods Giveaway

Page URL History Show full URLs

https://sdqk.me/BeJoqO1L-fZbffAw4L/nexus-mods-giveaway HTTP 302
https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=side... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

48
Requests

100 %
HTTPS

81 %
IPv6

17
Domains

22
Subdomains

20
IPs

5
Countries

2907 kB
Transfer

7436 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&text=Nexus%20Mods%20has%20teamed%20up%20with%20GOG.com%2C%20MSI%2C%20Corsair%2C%20and%20PCMasterRace%20to%20host%20an%20awesome%20giveaway!

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&mini=true

Search URL Search Domain Scan URL

URL: https://www.sideqik.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sdqk.me/BeJoqO1L-fZbffAw4L/nexus-mods-giveaway HTTP 302
https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://web.facebook.com/v6.0/plugins/comments.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550 HTTP 302
https://www.facebook.com/v6.0/plugins/comments.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550&_rdc=1&_rdr HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request nexus-mods-giveaway-BeJoqO1L Show response
sdqk.me/p/
Redirect Chain

https://sdqk.me/BeJoqO1L-fZbffAw4L/nexus-mods-giveaway
https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

38 KB
11 KB

225ms
224ms

Document
text/html

52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-168-65.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

8440ff98d060523a1d5fd3190979e1ee021ae6203b9fa04c9961136fae34b70d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Feb 2023 15:33:17 GMT
Etag: W/"8440ff98d060523a1d5fd3190979e1ee"
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Transfer-Encoding: chunked
Vary: Origin,Accept-Encoding
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 1140bdd4-163a-41cf-94ab-d520276968f4
X-Runtime: 0.125463
X-Xss-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Feb 2023 15:33:17 GMT
Location: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Transfer-Encoding: chunked
Vary: Origin,Accept-Encoding
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: ddac726c-0028-4050-ac0e-834b6a9329b6
X-Runtime: 0.027156
X-Xss-Protection: 1; mode=block

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.18.1/ 57 KB
17 KB 60ms
19ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.18.1/bundle.min.js

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5dd1bf1083162c29601c268f35f4e78df929195dd336fff60f25fc09df6dbbc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sdqk.me/
Origin: https://sdqk.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Jun 2020 10:08:23 GMT
server: Fastly
age: 5391878
etag: "a2ca5f1f2d44b51379829caf25022065"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17643
expires: Thu, 07 Dec 2023 05:48:40 GMT

GET
H2 200 promotion-actions-dark-4cbba32cb85c54762ab164c1cdee7fb12cf78cb2e3199de69fd4e412b2a05866.css
d3v7rsyt5bz8s8.cloudfront.net/assets/ 245 KB
39 KB 93ms
29ms Stylesheet
text/css 2600:9000:2250:5c00:1a:5e61:8e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7rsyt5bz8s8.cloudfront.net/assets/promotion-actions-dark-4cbba32cb85c54762ab164c1cdee7fb12cf78cb2e3199de69fd4e412b2a05866.css
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:1a:5e61:8e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: a1a471052f9d94fa7e7a1ca1f03cb01eb66715682be87529c6c1fc94772ef3ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:39:59 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 00:03:53 GMT
server: Cowboy
x-amz-cf-pop: FRA60-P2
age: 31998
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/css
content-length: 39670
x-amz-cf-id: J1ofMORJTnG9CRsBAr7myWkzfzIvPgY4DMwQQl_vnLZHNQ0Mj7U-7A==

GET
H2 200 promotion-dep-61211e07f31c0ecffcfd64b2a373a590a9a639905e64bded9072ad33b690dc45.js Show response
d3v7rsyt5bz8s8.cloudfront.net/assets/ 876 KB
255 KB 116ms
52ms Script
application/javascript 2600:9000:2250:5c00:1a:5e61:8e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7rsyt5bz8s8.cloudfront.net/assets/promotion-dep-61211e07f31c0ecffcfd64b2a373a590a9a639905e64bded9072ad33b690dc45.js
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:1a:5e61:8e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 61211e07f31c0ecffcfd64b2a373a590a9a639905e64bded9072ad33b690dc45

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:39:58 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:54:43 GMT
server: Cowboy
x-amz-cf-pop: FRA60-P2
age: 31998
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 260634
x-amz-cf-id: mHQVnHmHS4a4jhsRoNcqL4mOktXaw8dkOY37DI3PZ84TEwuT0LXttg==

GET
H2 200 promotion-actions-643ffe7d84ef297f65807fc71d4d846f8c0154317394bb920b66b34332ddfea6.js Show response
d3v7rsyt5bz8s8.cloudfront.net/assets/ 930 KB
250 KB 117ms
53ms Script
application/javascript 2600:9000:2250:5c00:1a:5e61:8e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7rsyt5bz8s8.cloudfront.net/assets/promotion-actions-643ffe7d84ef297f65807fc71d4d846f8c0154317394bb920b66b34332ddfea6.js
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:1a:5e61:8e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 643ffe7d84ef297f65807fc71d4d846f8c0154317394bb920b66b34332ddfea6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:39:59 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 06:27:07 GMT
server: Cowboy
x-amz-cf-pop: FRA60-P2
age: 31998
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 254961
x-amz-cf-id: L6k7c7a--OPcCv6QHUY9MpPaAdn8DEKsn4-1x6-3yahdiHOBT-XVAQ==

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.13.1/css/ 170 KB
32 KB 114ms
42ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.13.1/css/all.css
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849ab4fec0cf851d187a99fe85dd6f245673db1fdbff84056d7fb15769571823

Request headers

Referer: https://sdqk.me/
Origin: https://sdqk.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:17 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 30E2P8KNA70EFHC4
age: 337683
x-amz-id-2: N96FlvWk5f08Cl3y2Q2kzptl15eVoZu2U71tXtz7KFJdqDKZXDKhADuftOvbi4i5dMSaaCW/nJE=
last-modified: Mon, 28 Jun 2021 17:11:03 GMT
server: cloudflare
etag: W/"4a11627ef528135908c58c6547674343"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 795d2ee2ddd33cf9-CDG

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 87ms
26ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 00:40:12 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.4.7/ 17 KB
17 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 03:49:46 GMT
x-content-type-options: nosniff
age: 387812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17698
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 03:49:46 GMT

GET
H2 200 tbo7phn.js Show response
use.typekit.net/ 16 KB
7 KB 300ms
162ms Script
text/javascript 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tbo7phn.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4ccde82c7240a89d5871c046b94934c0a9ffebc2f69966b955d6862942062fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 07 Feb 2023 15:33:18 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6597

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
38 KB 167ms
68ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQQVSXF

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0b8355f4fb54619d0a356efb49c7b84b97bf58505bc735934235287bd8a318c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38175
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 15:33:18 GMT

GET
H2 200 sideqik-api-1.2.js Show response
d1hrk5gt3yn7pi.cloudfront.net/api/ 14 KB
14 KB 105ms
27ms Script
application/x-javascript 52.222.250.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1hrk5gt3yn7pi.cloudfront.net/api/sideqik-api-1.2.js
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-201.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ee826117d17294b9f77cdde03ad1553eceacca074ace1eba0f1d989aecb4200

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 07:08:41 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 09 May 2022 12:33:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 30278
etag: "a242f84597fa7add0f16a537ac5630dd"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14473
x-amz-cf-id: D2LF7BPPwX8hHHHsdaKZXWXkqB2wxbOi4ILscfrQTU7mg-eHWAICGw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 14:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2308
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 16:54:50 GMT

GET
H2 200 eng-37e56b3045db4b55a7eb30ba8ad1b7222cb5411a72a3cbc394a57f7cc4bfaec8.json Show response
d3v7rsyt5bz8s8.cloudfront.net/assets/ 8 KB
3 KB 71ms
24ms XHR
application/json 2600:9000:2250:5c00:1a:5e61:8e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7rsyt5bz8s8.cloudfront.net/assets/eng-37e56b3045db4b55a7eb30ba8ad1b7222cb5411a72a3cbc394a57f7cc4bfaec8.json
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.18.1/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:1a:5e61:8e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 37e56b3045db4b55a7eb30ba8ad1b7222cb5411a72a3cbc394a57f7cc4bfaec8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sdqk.me/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 10:12:36 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 22985
x-cache: Hit from cloudfront
last-modified: Wed, 24 Mar 2021 19:25:23 GMT
server: Cowboy
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://sdqk.me
access-control-expose-headers
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
x-amz-cf-id: rgOHtq-71fiPX8AKdotOteedt7YYw7cu4dO7v1xJvZAmoetDS9mcKw==

POST
H/1.1 201
Created track Show response
sdqk.me/api/promotions/5a1c3831b501240020000002/ 15 B
1 KB 112ms
112ms XHR
application/json 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sdqk.me/api/promotions/5a1c3831b501240020000002/track
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.18.1/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 1aad36b0fb02621b951649811957ba7ad67d4838c2932d02088f7d6e8db74313

Request headers

X-CSRF-Token: g4t3lq/Mte0fjHauwugLJO+/tUYY4rj74ZtSS7tZGBc1FeSKQvQ+ZnR+G2ZeizAsDIFF51ndFVuzpMWaIerPSg==
X-Sideqik-Account-Id: 555b75c63264620007412c00
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
X-Requested-With: XMLHttpRequest

Response headers

Date: Tue, 07 Feb 2023 15:33:17 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: 43035112-8588-49ee-a9f7-efe8fa8b2059
X-Runtime: 0.013327
Server: Cowboy
Etag: W/"1aad36b0fb02621b951649811957ba7a"
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://sdqk.me
Access-Control-Expose-Headers
Cache-Control: no-store, must-revalidate
Access-Control-Allow-Credentials: true
Vary: Origin,Accept-Encoding

GET
H2 200 fa-light-300.woff2
pro.fontawesome.com/releases/v5.13.1/webfonts/ 186 KB
186 KB 32ms
32ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.13.1/webfonts/fa-light-300.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.13.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69885c352b73c062750dd828a00cb617eea070cd1053590cedd947a7b5d5b152

Request headers

Referer: https://pro.fontawesome.com/releases/v5.13.1/css/all.css
Origin: https://sdqk.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
cf-cache-status: HIT
x-amz-request-id: FT6VC52TPJWTKNAH
age: 30954
content-length: 190452
x-amz-id-2: xh4WmrjkVJhjn1EDa1fSOXMHWg6OK5/5NqDSn4UMeHjP/hajvLHjcbDA1p5BuhyNVMGeUGWZedVIc5Qvj+IzhA==
last-modified: Mon, 28 Jun 2021 17:12:46 GMT
server: cloudflare
etag: "4f6e39d6b47d32e8323f46d91deba199"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 795d2ee4c8de3cf9-CDG

GET
H2 200 kxnuonyk3djyfj3qpudv
res.cloudinary.com/sideqik/image/upload/dpr_1.0,f_auto,q_auto,t_promotion_banner/ 641 KB
642 KB 280ms
222ms Image
image/webp 2a04:4e42:600::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sideqik/image/upload/dpr_1.0,f_auto,q_auto,t_promotion_banner/kxnuonyk3djyfj3qpudv

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

34e6c35d59992742db8cbdc9649126fcfc7151efafd5c0b9f38dfeb9a2a377c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="kxnuonyk3djyfj3qpudv.webp"
server-timing: fastly;dur=202;cpu=3;start=2023-02-07T15:33:18.272Z;desc=miss,rtt;dur=18,cloudinary;dur=119;start=2023-02-07T15:33:18.314Z
content-length: 656826
last-modified: Mon, 27 Nov 2017 19:19:52 GMT
server: Cloudinary
etag: "0dc0152ad447b8f575758d828e4622e2"
vary: Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bzxb4l6pkyp12mkvho3z
res.cloudinary.com/sideqik/image/upload/t_logo-sm/ 2 KB
3 KB 82ms
23ms Image
image/png 2a04:4e42:600::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sideqik/image/upload/t_logo-sm/bzxb4l6pkyp12mkvho3z

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

77af2346e734b1ad71b93285b998cbcfbe82ac1693fcd60e81b432de800ce39f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 13:06:10 GMT
server: Cloudinary
etag: "d623c609f1e4be545dbec2061969d4cb"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=4;cpu=3;start=2023-02-07T15:33:18.272Z;desc=hit,rtt;dur=18
accept-ranges: bytes
timing-allow-origin: *
content-length: 2512

GET
H2 200 powered-by-sideqik-dark-3bbfb6c9b7fa4c11493cbd5450ec7d50b0773b18d4edbb02cf4356672ffcd4bf.png
d3v7rsyt5bz8s8.cloudfront.net/assets/logo/ 1 KB
2 KB 25ms
24ms Image
image/png 2600:9000:2250:5c00:1a:5e61:8e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7rsyt5bz8s8.cloudfront.net/assets/logo/powered-by-sideqik-dark-3bbfb6c9b7fa4c11493cbd5450ec7d50b0773b18d4edbb02cf4356672ffcd4bf.png
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:1a:5e61:8e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 3bbfb6c9b7fa4c11493cbd5450ec7d50b0773b18d4edbb02cf4356672ffcd4bf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:40:00 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 19:25:23 GMT
server: Cowboy
x-amz-cf-pop: FRA60-P2
age: 31998
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-id: iO48Y_YKu145kIVCLtHIf3VNKbPDc6E2fX0FXSSs8jAKDcCRRbZrLA==

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.13.1/webfonts/ 76 KB
76 KB 41ms
41ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.13.1/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.13.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 479a88b36a9e0fd38bdfd22e19701576cd6cb01f36a21ce9935ad6a2d746e620

Request headers

Referer: https://pro.fontawesome.com/releases/v5.13.1/css/all.css
Origin: https://sdqk.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
cf-cache-status: HIT
x-amz-request-id: 48TPPW87QK07Z9AS
age: 99772
content-length: 77452
x-amz-id-2: 5tIzcAPcAGDLn6T8Nma7PnwMHOARZGRLrkjw9VZ7ihcQzZUjMmV2c/PmJ2JPNpeMm0Vx6uiyvCfbw+jKnONjYQ==
last-modified: Mon, 28 Jun 2021 17:12:46 GMT
server: cloudflare
etag: "ffb23988351909f888077ad3ec003185"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 795d2ee4e90a3cf9-CDG

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
141 B 33ms
31ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=901807489&t=pageview&_s=1&dl=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L%3F_sqf%3DZbffAw4L%26_sqt%3DBeJoqO1L%26utm_campaign%3Dsideqik%26utm_medium%3Dsideqik%26utm_source%3Dsideqik&ul=en-us&de=UTF-8&dt=Nexus%20Mods%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=752436804&gjid=1896222159&cid=1126245440.1675783998&tid=UA-26588430-1&_gid=906326667.1675783998&_r=1&_slc=1&z=1624726611

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.18.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdqk.me/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sdqk.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 33ms
32ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=901807489&t=pageview&_s=1&dl=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L%3F_sqf%3DZbffAw4L%26_sqt%3DBeJoqO1L%26utm_campaign%3Dsideqik%26utm_medium%3Dsideqik%26utm_source%3Dsideqik&ul=en-us&de=UTF-8&dt=Nexus%20Mods%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=2065608391&gjid=961461920&cid=1126245440.1675783998&tid=UA-54932114-1&_gid=906326667.1675783998&_r=1&_slc=1&z=134989963

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.18.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdqk.me/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sdqk.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 25ms
25ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=901807489&t=pageview&_s=2&dl=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L%3F_sqf%3DZbffAw4L%26_sqt%3DBeJoqO1L%26utm_campaign%3Dsideqik%26utm_medium%3Dsideqik%26utm_source%3Dsideqik&dp=%2Fp%2Fnexus-mods-giveaway-BeJoqO1L%2Fenter&ul=en-us&de=UTF-8&dt=Nexus%20Mods%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1126245440.1675783998&tid=UA-26588430-1&_gid=906326667.1675783998&cd1=555b75c63264620007412c00&cd2=CORSAIR&cd7=5a1c3831b501240020000002&cd8=Nexus%20Mods%20Giveaway&cd11=5a1c3831b501240020000006&cd12=CORSAIR&z=994685506

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 12:03:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12569
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
340 B 80ms
28ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26588430-1&cid=1126245440.1675783998&jid=752436804&gjid=1896222159&_gid=906326667.1675783998&_u=IEBAAEAAAAAAACAAI~&z=179008687

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.18.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdqk.me/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 15:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sdqk.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/e984ad/0000000000000000000118b5/27/ 15 KB
15 KB 158ms
48ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e984ad/0000000000000000000118b5/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ac307701293c80bb40051757bf0e35f913d7c5311eb01aefc2386e498f0285a8

Request headers

Referer: https://sdqk.me/
Origin: https://sdqk.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
server: nginx
etag: "cc897814c10efef87a08319546853586cd10b2c9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15172

GET
H2 200 p.gif
p.typekit.net/ 35 B
228 B 120ms
26ms Image
image/gif 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=tbo7phn&ht=tk&h=sdqk.me&f=12093&a=140449351&js=1.21.0&app=typekit&e=js&_=1675783998542
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 07 Feb 2023 15:33:18 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 83ms
28ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55d0a62ed3f0b08832321110a74111452d1afc28ac7877af0017b6645afdd851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 15:33:18 GMT
content-md5: LjyQmd08ODdfRZrUJSg/eg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: cvdDzg9c3k1vMHpEgFZv9tQMa2dT/brYXqB+yCDjJ5xpRyvB53vKU98WwiiYYxgjtjH0ALok3gO0BEBJGdaRDA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 62210b884cb98496e94af1503fd9ad87
cross-origin-opener-policy: same-origin-allow-popups
etag: "64fcb74dc40f954b65d48a2ffe40d3ab"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Feb 2023 15:39:08 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 17 KB
7 KB 112ms
37ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=googleAsyncInit

Requested by

Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65e19c4fef4e01566ca5468195c3d629bb54b486f82ce5f91d26c25632533de5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 15:33:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c108d7c645506f47"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Feb 2023 15:33:18 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 127ms
22ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F9B) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:33:18 GMT
Content-Encoding: gzip
Age: 276
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (pab/6F9B)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
485 B 165ms
42ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 203

GET
H2 200 in.js Show response
platform.linkedin.com/ 509 KB
160 KB 289ms
26ms Script
text/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: sdqk.me
URL: https://sdqk.me/p/nexus-mods-giveaway-BeJoqO1L?_sqf=ZbffAw4L&_sqt=BeJoqO1L&utm_campaign=sideqik&utm_medium=sideqik&utm_source=sideqik
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: c1ccab95bc0f673ce9b5463e33ce8368617607e9a8e186322b7fc5221c1330d1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
server: Play
x-li-pop: prod-ltx1-x
x-cdn: AKAM
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
content-length: 163383
x-li-uuid: AAX0Hcy1yP1GOS7CgRWqFg==
expires: Tue, 7 Feb 2023 16:28:29 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 57ms
27ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3edb3fa9bf240bd273c39f2d91afbf6e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

164b2f2317a5a8bd7b964bb67bb6f6efc44cf2a1d31aee78f447419d1bc35ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sdqk.me/
Origin: https://sdqk.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 15:33:18 GMT
content-md5: 1EcJ3F9JSqFvSWfDMNf94w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88469
x-fb-rlafr: 0
x-fb-debug: w0urKH3L4+V6KnlNeb1JeFUKALySmBvzierPJ2bsZEFEJaBPpRaOjYBmF6kgoiem5kWH0LRBniQVNwTKJG5oDA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ca440908a853aa45fbaeb2b506619a3a
cross-origin-opener-policy: same-origin-allow-popups
etag: "ec179bd4615ba7b718860ca3463c32aa"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 07 Feb 2024 12:24:17 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.CAOyDGt5mKU.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_3N2T_xTSzzfu-Lp8hVcRjkVoYFQ/ 314 KB
108 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.CAOyDGt5mKU.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_3N2T_xTSzzfu-Lp8hVcRjkVoYFQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=googleAsyncInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447c3b29f6b1e4efa2b08c792cb413203f8fcf4f374824c6220d9777521932b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109671
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:35:28 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 8CEC 320 KB
104 KB 20ms
20ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsdqk.me
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA4) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://sdqk.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1187402
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Feb 2023 15:33:18 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6FA4)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8CEC 919 B
647 B 193ms
131ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a3a1d4b779154b76079c909d23bf05e037f652c6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsdqk.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 07 Feb 2023 15:33:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 07 Feb 2023 15:33:19 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 23889f8a1564fff0
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: e2510eef6fe8aafeacac157912d3b4f7c66bf8b908f56e741c8c56b2781ebfef
content-length: 326

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 42ms
42ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.6080495165087978
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:18 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 18679

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 180ms
128ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=268533483171014&input_token&origin=1&redirect_uri=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L%23%2Fenter&sdk=joey&wants_cookie_data=true

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.18.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 07 Feb 2023 15:33:19 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: PkyqS0YuLFaKMq8426J70dVSvJ+FjdwRpe6AaXGvgJD/uT2ImyLGV9lVIvcdrC8fK5SDZPmFNBv85ScY5nb6JA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sdqk.me
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 8308
Redirect Chain

https://web.facebook.com/v6.0/plugins/comments.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3D...
https://www.facebook.com/v6.0/plugins/comments.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3D...
https://www.facebook.com/plugins/comments.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk....
https://www.facebook.com/plugins/feedback.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk....

167 KB
36 KB

495ms
495ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3edb3fa9bf240bd273c39f2d91afbf6e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dff1699e292b305d53fee94b349ff2b24b47a36585e693abaf026d3ef00730d1

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sdqk.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Tue, 07 Feb 2023 15:33:20 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 2RpFNojW0otF2wnhHSLOD/lnZS0sALruGTJUZYiJMPIdQs4W24kjEcnkRD7EpfDUILn89nMkNFY/kpCTEt7kpA==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Feb 2023 15:33:19 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550
origin-agent-cluster: ?0
priority: u=0
strict-transport-security: max-age=15552000; preload
x-fb-debug: QThinR5kq6O92IOpno1nDEWA964Y76si4ZJ3seJoeUSjdSDoBXG5orrxiorSjuRWB1M7o7mqC2Sd0t145nZhdQ==

GET
H2 200 /
log.pinterest.com/ 0
333 B 88ms
43ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=aL2K8e6ENz47&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sdqk.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 07 Feb 2023 15:33:20 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 5
x-pinterest-rid: 8909788408259638
content-length: 0
x-served-by: cache-cdg20775-CDG
pragma: no-cache
server: envoy
x-timer: S1675784000.991142,VS0,VE23
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 8308 721 B
840 B 85ms
28ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=268533483171014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2197f85b43eaa8%26domain%3Dsdqk.me%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsdqk.me%252Ff10be6ecbf864d%26relation%3Dparent.parent&color_scheme=dark&container_width=740&height=100&href=https%3A%2F%2Fsdqk.me%2Fp%2Fnexus-mods-giveaway-BeJoqO1L&locale=en_US&sdk=joey&version=v6.0&width=550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 393
x-fb-rlafr: 0
x-fb-debug: SPFczCaNNhb80rmwrW6TS4e0Lg/vH9saLR9bQl4jW2v7enrpVEEjaXLo7LgH1I+QRIbILsLRi1AwAHhf+9dXbw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 25 Jan 2024 17:31:11 GMT

GET
H2 200 FkXY9nGdD0s.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ Frame 8308 122 KB
20 KB 137ms
80ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/FkXY9nGdD0s.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf6e9d76b7cc1e63e1ba486621c82bebddde9613bd158f55006517b66744698f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B2adLQBg90b1gNnxRx6PSg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19928
x-fb-rlafr: 0
x-fb-debug: Ap1m091RNXTvzfIGlKKGLiFNDvqcVJOZRwhIfgGjwgPkyUW92Rm+CuZn2j1m2VwLoGzVTOjRVr68/T6bSlp1kw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 30 Jan 2024 18:22:47 GMT

GET
H2 200 FxYDsoPEr0-.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 8308 306 KB
81 KB 86ms
28ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/FxYDsoPEr0-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cba09cd8f27b5c0d5c5654f071af9d3aca43b3bc7455de21abfe9f8f1c22e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NXfyqudRPmgKtO00O8zbmA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82941
x-fb-rlafr: 0
x-fb-debug: 0hUPdz6NqiVL3pfEFtenvWwcfX74sebN4Q+9QMjsLwoxkB4ukQxCsbF/wXknSHHtDg6MrSsUU9CyImY7Mc8dRA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 07 Feb 2024 01:22:15 GMT

GET
H2 200 iWgtsnQ0jAA.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yq/l/en_US/ Frame 8308 156 KB
43 KB 135ms
78ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yq/l/en_US/iWgtsnQ0jAA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04b95a3d9251147f17bdb819578d611a66ca1cfb1323fd9ac8d116e6ed2736c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Z6lU2LKyaOtBFHgvVlIaXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44017
x-fb-rlafr: 0
x-fb-debug: Lvh8FhEkXtU5cfvdwUJlTQxjsfxE5aGxTEtDlhLBqyWUnFx0G+iM+xTeCJJ2DKOcRB5Iu0wCe4EeI4FlT423Uw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:30:57 GMT

GET
H2 200 IRe9S2KDjV-.js Show response
static.xx.fbcdn.net/rsrc.php/v3iFip4/yV/l/en_US/ Frame 8308 1 MB
280 KB 135ms
78ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iFip4/yV/l/en_US/IRe9S2KDjV-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa8cada956623901af827f7b58b9049e0c257c8cbce0c4e90d11deb3c30d5221

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sKi9mROxnoMRzccIscvvIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 286019
x-fb-rlafr: 0
x-fb-debug: RMmQ5Pp8PqevZm859QXqb/rXh60nGKaHwynmQJ9kioI4fX2kfD+4w5A9g1nP7enB4t7MG62ody+HmO0POlKsUA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 06 Feb 2024 21:09:02 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 8308 507 B
487 B 136ms
79ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: nfHADV9P01HWkyBHMiXCDJRwrRt/Z3+bysd02KPH0NAVPYaV/ATxkkU57Bz0z3ImmuLWjrcoy7LAqb+J0Zb6bg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 Jan 2024 20:43:20 GMT

GET
H2 200 ikPhBcNObVw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame 8308 26 KB
8 KB 136ms
79ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/ikPhBcNObVw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3956efc94844868c411bf297e92ec4cd059fc6c9b6e8c0038f94295b44216142

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: st+D8r0iHB6dcJROObFQOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8509
x-fb-rlafr: 0
x-fb-debug: ya2KOCigD2O/yQj6INq3xUNlVU8kNo52CLunN0m6z7XyD7K7Axe+FQLL5puaaKN5bWbrIgUwJFN8k295uhfR4w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 Jan 2024 20:34:41 GMT

GET
H2 200 AmXTSX-e48c.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 8308 57 KB
15 KB 136ms
80ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/AmXTSX-e48c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d59ee5c042752f61e5b31bafe02c46f869d6e1ba0482ae974d08b99299357196

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GCHU8Ve5unONaMXgQTJ5lA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15490
x-fb-rlafr: 0
x-fb-debug: KtXKELw7B8gnL9ySYBOyZ7azhcjYGshj6c+N4a9Adx+rdsNSDDTPQ2D7M6Q+baEQen8u6e87fijEO8QwSJapXg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 Jan 2024 14:39:26 GMT

GET
H2 200 v4-JZBODoP1.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/ye/l/en_US/ Frame 8308 43 KB
13 KB 171ms
115ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/ye/l/en_US/v4-JZBODoP1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

db54b8f2e01ed59bc1553b235876774391e8f1623c7334f650a817a10fbdbcd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gbQh9FiAwJc3nlIf7EXwGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12996
x-fb-rlafr: 0
x-fb-debug: 1vmL0AIMJMUQni2PHTp0GjsXXts+eey5O9ZfBwxymyPBsaRGLoBhYpJqX+/bx1NWbKDup/BR8Z6KEdD2gYdz8w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 31 Jan 2024 06:06:52 GMT

GET
H3 200 rNjpykvZ3Mg.png
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 8308 258 KB
258 KB 56ms
27ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/rNjpykvZ3Mg.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/FkXY9nGdD0s.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a9d565c4a609072e342813a66dbe7458e68d1f89b36fc7e191a862baadd602cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/FkXY9nGdD0s.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:33:20 GMT
x-content-type-options: nosniff
content-md5: YBPeju9R7Vktk7hZ82ZeCw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 263997
x-fb-rlafr: 0
x-fb-debug: zIdUa+M6Yz+/BMLhNT6PdXShX50cH5Do8i3w9RLEdEp8wghDNZeJZwvgBIiP9Gcpvb4PIa196efBk78xG2dt5Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 02 Feb 2024 06:25:39 GMT

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sdqk.me/	1970-01-20 19:05:43	Name: _ga Value: GA1.2.1126245440.1675783998
.sdqk.me/	1970-01-20 09:31:10	Name: _gid Value: GA1.2.906326667.1675783998
sdqk.me/	1969-12-31 23:59:59	Name: _session_id Value: RUNRUnNCanJZTkZQN3hXbUlVblJVTk93ckRCSEZxZWFxcjFpVDlUd1VUdEZCS0RZNG5PNHlLT1pBaFZDZmtMNVNoOG5HU0dYNDlzRldqR1dEVklYSGZBN09vN243L20yWTd5SWd1MUEyd3B2eGtpbUEvelI5allxcTB5RTFkaGNFT0lPSnVDR0JvZHo2ZVltdWZQV1FUa1IzaktVTm5yZEVvUm1GTm5JRDlOM1YvZ3ZZRW52N1NrbjJnZEdiTHJBMzNaaE81dmhPWU52QXhQeUVVT0NwN2tUdWNhNDAzOWo2UnJKNkJ6NlVIZjRObTBnYzdRdEFmNFJZMTRITVBpSi0tdXdxU0RISW40OFl4T3o3U2t4T28ydz09--7012586cbe9992cadac9b1bd9d89cdd8536fa769
.sdqk.me/	1970-01-20 09:29:44	Name: _gat Value: 1
.sdqk.me/	1970-01-20 09:29:44	Name: _gat_clientTracker Value: 1
sdqk.me/	1970-01-20 19:05:43	Name: _sqz Value: 1%7C02e9c5c8-a345-4e1d-9761-a1de7ed6b88f%7C1675783998240%7CBeJoqO1L%7C%7CZbffAw4L

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
assets.pinterest.com
browser.sentry-cdn.com
connect.facebook.net
d1hrk5gt3yn7pi.cloudfront.net
d3v7rsyt5bz8s8.cloudfront.net
log.pinterest.com
p.typekit.net
platform.linkedin.com
platform.twitter.com
pro.fontawesome.com
res.cloudinary.com
sdqk.me
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
use.typekit.net
web.facebook.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.244.42.200
151.101.192.84
2600:9000:2250:5c00:1a:5e61:8e00:21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6812:1634
2a00:1450:4001:812::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:400d:80e::2008
2a00:1450:4025:401::9c
2a02:26f0:11a::217:9a48
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::729
2a04:4e42:41::84
2a04:4e42:600::393
52.202.168.65
52.222.250.201
04b95a3d9251147f17bdb819578d611a66ca1cfb1323fd9ac8d116e6ed2736c0
164b2f2317a5a8bd7b964bb67bb6f6efc44cf2a1d31aee78f447419d1bc35ee2
1aad36b0fb02621b951649811957ba7ad67d4838c2932d02088f7d6e8db74313
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
34e6c35d59992742db8cbdc9649126fcfc7151efafd5c0b9f38dfeb9a2a377c7
37e56b3045db4b55a7eb30ba8ad1b7222cb5411a72a3cbc394a57f7cc4bfaec8
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3956efc94844868c411bf297e92ec4cd059fc6c9b6e8c0038f94295b44216142
3bbfb6c9b7fa4c11493cbd5450ec7d50b0773b18d4edbb02cf4356672ffcd4bf
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
447c3b29f6b1e4efa2b08c792cb413203f8fcf4f374824c6220d9777521932b9
479a88b36a9e0fd38bdfd22e19701576cd6cb01f36a21ce9935ad6a2d746e620
4cba09cd8f27b5c0d5c5654f071af9d3aca43b3bc7455de21abfe9f8f1c22e2b
4ccde82c7240a89d5871c046b94934c0a9ffebc2f69966b955d6862942062fde
55d0a62ed3f0b08832321110a74111452d1afc28ac7877af0017b6645afdd851
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5dd1bf1083162c29601c268f35f4e78df929195dd336fff60f25fc09df6dbbc0
61211e07f31c0ecffcfd64b2a373a590a9a639905e64bded9072ad33b690dc45
643ffe7d84ef297f65807fc71d4d846f8c0154317394bb920b66b34332ddfea6
65e19c4fef4e01566ca5468195c3d629bb54b486f82ce5f91d26c25632533de5
69885c352b73c062750dd828a00cb617eea070cd1053590cedd947a7b5d5b152
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77af2346e734b1ad71b93285b998cbcfbe82ac1693fcd60e81b432de800ce39f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8440ff98d060523a1d5fd3190979e1ee021ae6203b9fa04c9961136fae34b70d
849ab4fec0cf851d187a99fe85dd6f245673db1fdbff84056d7fb15769571823
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ee826117d17294b9f77cdde03ad1553eceacca074ace1eba0f1d989aecb4200
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0b8355f4fb54619d0a356efb49c7b84b97bf58505bc735934235287bd8a318c
a1a471052f9d94fa7e7a1ca1f03cb01eb66715682be87529c6c1fc94772ef3ec
a9d565c4a609072e342813a66dbe7458e68d1f89b36fc7e191a862baadd602cb
aa8cada956623901af827f7b58b9049e0c257c8cbce0c4e90d11deb3c30d5221
ac307701293c80bb40051757bf0e35f913d7c5311eb01aefc2386e498f0285a8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bf6e9d76b7cc1e63e1ba486621c82bebddde9613bd158f55006517b66744698f
c1ccab95bc0f673ce9b5463e33ce8368617607e9a8e186322b7fc5221c1330d1
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
d59ee5c042752f61e5b31bafe02c46f869d6e1ba0482ae974d08b99299357196
db54b8f2e01ed59bc1553b235876774391e8f1623c7334f650a817a10fbdbcd3
dff1699e292b305d53fee94b349ff2b24b47a36585e693abaf026d3ef00730d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

sdqk.me Open in urlscan Pro 52.202.168.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

81 %IPv6

17 Domains

22 Subdomains

20 IPs

5 Countries

2907 kBTransfer

7436 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sdqk.me Open in urlscan Pro
52.202.168.65 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

81 %
IPv6

17
Domains

22
Subdomains

20
IPs

5
Countries

2907 kB
Transfer

7436 kB
Size

6
Cookies

48 HTTP transactions
0 data transactions