urlscan.io logo urlscan.io
SecurityTrails logo

csplab.gags.workers.dev Open in urlscan Pro
172.67.200.75  Public Scan

Go To Rescan Add Verdict Report
URL: https://csplab.gags.workers.dev/
Submission: On May 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 24 domains to perform 49 HTTP transactions. The main IP is 172.67.200.75, located in United States and belongs to CLOUDFLARENET, US. The main domain is csplab.gags.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.
This is the only time csplab.gags.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.200.75 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
1 104.16.123.96 13335 (CLOUDFLAR...)
8 172.67.222.32 13335 (CLOUDFLAR...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:f50... 20940 (AKAMAI-ASN1)
1 1 204.79.197.219 8068 (MICROSOFT...)
1 104.17.233.12 13335 (CLOUDFLAR...)
2 2606:4700:7::... 13335 (CLOUDFLAR...)
1 104.19.153.16 13335 (CLOUDFLAR...)
1 23.38.175.248 16625 (AKAMAI-AS)
1 2606:2800:234... 15133 (EDGECAST)
1 104.17.23.10 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
49 15
2    172.67.200.75 (United States)

ASN13335 (CLOUDFLARENET, US)
csplab.gags.workers.dev
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.16.123.96 (None, )

ASN13335 (CLOUDFLARENET, US)
cf-assets.www.cloudflare.com
8    172.67.222.32 (United States)

ASN13335 (CLOUDFLARENET, US)
examples.page-shield.workers.dev
csp-prototype.page-shield.workers.dev
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bing.com
2    2a02:26f0:f500:6::216:5bce (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    204.79.197.219 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bing.co.uk
1    104.17.233.12 (None, )

ASN13335 (CLOUDFLARENET, US)
global.direct.asda.com
2    2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)
useinsider.com
assets.api.useinsider.com
1    104.19.153.16 (None, )

ASN13335 (CLOUDFLARENET, US)
otvetstvennayaigra.betfair.com
1    23.38.175.248 (Dublin, Ireland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-175-248.deploy.static.akamaitechnologies.com
static.atgsvcs.com
1    2606:2800:234:305:1538:7d5:1af9:e7f (United States)

ASN15133 (EDGECAST, US)
cdn.sub2tech.com
1    104.17.23.10 (None, )

ASN13335 (CLOUDFLARENET, US)
www.americantourister.co.kr
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 workers.dev
csplab.gags.workers.dev
examples.page-shield.workers.dev Failed
csp-prototype.page-shield.workers.dev
test2.page-shield.workers.dev Failed
8 KB
3 bing.com
bing.com — Cisco Umbrella Rank: 18
www.bing.com — Cisco Umbrella Rank: 52
1 KB
2 useinsider.com
useinsider.com — Cisco Umbrella Rank: 9506
assets.api.useinsider.com — Cisco Umbrella Rank: 33462
27 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
61 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
1 americantourister.co.kr
www.americantourister.co.kr
7 KB
1 sub2tech.com
cdn.sub2tech.com — Cisco Umbrella Rank: 85489
2 KB
1 atgsvcs.com
static.atgsvcs.com — Cisco Umbrella Rank: 22197
35 KB
1 betfair.com
otvetstvennayaigra.betfair.com
4 KB
1 asda.com
global.direct.asda.com
3 KB
1 bing.co.uk
bing.co.uk
288 B
1 cloudflare.com
cf-assets.www.cloudflare.com — Cisco Umbrella Rank: 173931
workers.cloudflare.com Failed
dash.cloudflare.com Failed
blog.cloudflare.com Failed
foo.cloudflare.com Failed
181 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
0 pandora.net Failed
cn.pandora.net Failed
0 baefaweing.com Failed
baefaweing.com Failed
0 sefjse.com Failed
sefjse.com Failed
0 baeaweing.com Failed
baeaweing.com Failed
0 one.one Failed
one.one.one.one Failed
0 wikipedia.org Failed
en.wikipedia.org Failed
0 polinaryapp.com Failed
polinaryapp.com Failed
0 klarittyjoy.com Failed
klarittyjoy.com Failed
0 example.com Failed
malicious.cf-malicious-test.domain.example.com Failed
another1.malicious.cf-malicious-test.domain.example.com Failed
another2.malicious.cf-malicious-test.domain.example.com Failed
v5x.malicious.cf-malicious-test.domain.example.com Failed
cf-malicious-test.url.example.com Failed
0 harryrosen.com Failed
hr-prd-web-01.harryrosen.com Failed
49 24
Domain Requested by
4 csp-prototype.page-shield.workers.dev csplab.gags.workers.dev
4 examples.page-shield.workers.dev csplab.gags.workers.dev
2 www.bing.com csplab.gags.workers.dev
2 cdn.jsdelivr.net csplab.gags.workers.dev
2 csplab.gags.workers.dev
1 fonts.gstatic.com fonts.googleapis.com
1 www.youtube.com csplab.gags.workers.dev
1 www.americantourister.co.kr csplab.gags.workers.dev
1 assets.api.useinsider.com csplab.gags.workers.dev
1 cdn.sub2tech.com csplab.gags.workers.dev
cdn.sub2tech.com
1 static.atgsvcs.com csplab.gags.workers.dev
1 otvetstvennayaigra.betfair.com csplab.gags.workers.dev
1 useinsider.com csplab.gags.workers.dev
1 global.direct.asda.com csplab.gags.workers.dev
1 bing.co.uk 1 redirects
1 bing.com 1 redirects
1 cf-assets.www.cloudflare.com csplab.gags.workers.dev
1 fonts.googleapis.com csplab.gags.workers.dev
0 cn.pandora.net Failed csplab.gags.workers.dev
0 baefaweing.com Failed csplab.gags.workers.dev
0 sefjse.com Failed csplab.gags.workers.dev
0 baeaweing.com Failed csplab.gags.workers.dev
0 foo.cloudflare.com Failed csplab.gags.workers.dev
0 blog.cloudflare.com Failed csplab.gags.workers.dev
0 dash.cloudflare.com Failed csplab.gags.workers.dev
0 one.one.one.one Failed csplab.gags.workers.dev
0 en.wikipedia.org Failed csplab.gags.workers.dev
0 workers.cloudflare.com Failed csplab.gags.workers.dev
0 test2.page-shield.workers.dev Failed csplab.gags.workers.dev
0 polinaryapp.com Failed csplab.gags.workers.dev
0 cf-malicious-test.url.example.com Failed csplab.gags.workers.dev
0 klarittyjoy.com Failed csplab.gags.workers.dev
0 v5x.malicious.cf-malicious-test.domain.example.com Failed csplab.gags.workers.dev
0 another2.malicious.cf-malicious-test.domain.example.com Failed csplab.gags.workers.dev
0 another1.malicious.cf-malicious-test.domain.example.com Failed csplab.gags.workers.dev
0 malicious.cf-malicious-test.domain.example.com Failed csplab.gags.workers.dev
0 hr-prd-web-01.harryrosen.com Failed csplab.gags.workers.dev
49 37

This site contains no links.

Subject Issuer Validity Valid
gags.workers.dev
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
www.cloudflare.com
GTS CA 1P5		 2024-03-31 -
2024-06-29		 3 months crt.sh
page-shield.workers.dev
Cloudflare Inc ECC CA-3		 2023-12-29 -
2024-12-28		 a year crt.sh
direct.asda.com
GlobalSign RSA OV SSL CA 2018		 2023-12-21 -
2025-01-21		 a year crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2023-12-05 -
2024-12-04		 a year crt.sh
betfair.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
static.atgsvcs.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-06 -
2024-07-10		 a year crt.sh
*.sub2tech.com
Go Daddy Secure Certificate Authority - G2		 2023-10-11 -
2024-11-11		 a year crt.sh
www.americantourister.co.kr
Sectigo RSA Domain Validation Secure Server CA		 2024-01-29 -
2025-02-28		 a year crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://csplab.gags.workers.dev/
Frame ID: A9D583EC662174A9E8F09E3EBFEE8DA4
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QgKXX7yjSiw?si=YE12XtpZ85O-HWgJ
Frame ID: B43D51CD6BCC80FDEE7955C0CB3CF4E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CSP lab

Detected technologies

Overall confidence: 100%
Detected patterns
  • /demandware\.static/
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • atgsvcs.+atgsvcs\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

49
Requests

47 %
HTTPS

50 %
IPv6

24
Domains

37
Subdomains

15
IPs

4
Countries

345 kB
Transfer

740 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://workers.dev/x.js HTTP 301
  • https://workers.cloudflare.com/
Request Chain 27
  • https://1.1.1.1/site-16bcc13e690cc771698c.js HTTP 302
  • https://one.one.one.one/site-16bcc13e690cc771698c.js
Request Chain 31
  • https://bing.com/foo.js HTTP 301
  • https://www.bing.com/foo.js?toWww=1&redig=31BF5CE44A7E4F65AA17BE8F1D1BA4B7
Request Chain 34
  • https://bing.co.uk/da.js HTTP 301
  • https://www.bing.com/da.js?cc=gb

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
csplab.gags.workers.dev/ 		23 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7621c238164b4845e69c5513de818f61f20baab24dc5a8f3a3053bde97cfd96c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
88abed63195c2bae-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 28 May 2024 05:43:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUJdBPvu6ri1NPl72Unmf1%2FDNC7AqcdLnI9q5gwds8WyGQfBZmUrXL4tlZ24L4cNsxbMnvwy663Eqc7NC0Ld3%2FAcomFdT8a0Z%2FhF3p%2B2bCshbuAgnJB0I40W25Zr%2FG%2Biz8%2Fd8XTOO3uS3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 May 2024 05:08:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 May 2024 05:43:28 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 		157 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Origin
https://csplab.gags.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 May 2024 05:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
607271
x-jsd-version
4.5.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26099
x-served-by
cache-fra-eddf8230123-FRA
x-jsd-version-type
version
etag
W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
CF_MetaImage_1200x628.png
cf-assets.www.cloudflare.com/slt3lc6tev37/2FNnxFZOBEha1W2MhF44EN/e9438de558c983ccce8129ddc20e1b8b/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-assets.www.cloudflare.com/slt3lc6tev37/2FNnxFZOBEha1W2MhF44EN/e9438de558c983ccce8129ddc20e1b8b/CF_MetaImage_1200x628.png
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.123.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f07eaa3571d9a1b8098778648dad854d1abe1a57e0e6d80056e951c11536523c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
453959
cf-polished
origFmt=png, origSize=243194
content-disposition
inline; filename="CF_MetaImage_1200x628.webp"
alt-svc
h3=":443"; ma=86400
content-length
184142
last-modified
Thu, 03 Aug 2023 04:41:37 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"fa06d5b9b97a365b1fd8dd9c9f379d03"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYgiEj1%2BoQH1TPqL%2BHamc3JYgNVQ0ajs%2FPwk4F0ifRiiHsuci0Rtb7mDD1ROYNAj3vfDCBmdvP7esN7BNErsNB7DOASGW0v0a4K2L%2BL2XFBhjelL0KssE4dgysT1bU08FScw82IMTuKuzA0ta2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
88abed639b3e5b7a-FRA
cardsMCVisa.svg
hr-prd-web-01.harryrosen.com/images/ 		0
0
amex.svg
hr-prd-web-01.harryrosen.com/images/ 		0
0
vue.min.js
cdn.jsdelivr.net/npm/vue@2.6.12/dist/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.6.12/dist/vue.min.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 May 2024 05:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
1218851
x-jsd-version
2.6.12
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
35673
x-served-by
cache-fra-etou8220119-FRA
x-jsd-version-type
version
etag
W/"16de6-5V3x99bCiO5z1Dm6sm3QBv/uevM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1.js
malicious.cf-malicious-test.domain.example.com/ 		0
0
1.js
another1.malicious.cf-malicious-test.domain.example.com/ 		0
0
2.js
another2.malicious.cf-malicious-test.domain.example.com/ 		0
0
1.js
v5x.malicious.cf-malicious-test.domain.example.com/ 		0
0
test.js
klarittyjoy.com/ 		0
0
100.js
cf-malicious-test.url.example.com/ 		0
0
new1.js
cf-malicious-test.url.example.com/ 		0
0
21ecefdd84a1d2a730.js
polinaryapp.com/ 		0
0
V3X.js
cf-malicious-test.url.example.com/ 		0
0
0001.js
examples.page-shield.workers.dev/ 		0
0
cf-malicious-test-script-V3X.js
examples.page-shield.workers.dev/ 		87 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/cf-malicious-test-script-V3X.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bbb990624b2a4a0a7206c70ca6ed2a82470dec17358d99ae81df54240f9334b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
referrer-policy
unsafe-url
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSV%2FDmN%2BUFR6v3hYxKjC1V4OGX8rERqE7mtET8cPq1gnLyg5IcXdDkjRCgtiR7qzUGybGo680j7tIodd2LKb%2Bdv0WhujWvXoyD4IuC%2B07Z4b0zl8tD2wDQkk4ibS%2BXjBjimstbeP556PIHcA2iXsdZF6tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
feature-policy
none
cf-ray
88abed658b589738-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-malicious-test-script-3.js
examples.page-shield.workers.dev/ 		87 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/cf-malicious-test-script-3.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bbb990624b2a4a0a7206c70ca6ed2a82470dec17358d99ae81df54240f9334b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
referrer-policy
unsafe-url
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqcLVKxPJ08qEaGwuOzWVyTmnb%2FFKVX9FOhkRdytk7V%2FFKRXqO93ci86Isb%2Bq6yUF8kY7R7DGGIFfFqQRX%2F0yBnJEFrC0MalRqb1MoUK1%2BZgch%2BRGvMR5AoAR2vB%2FjS1RMK8i3PHKY%2FfnlU2WWVOaxhF3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
feature-policy
none
cf-ray
88abed658b5b9738-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-malicious-test-script-v2.js
examples.page-shield.workers.dev/ 		87 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/cf-malicious-test-script-v2.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bbb990624b2a4a0a7206c70ca6ed2a82470dec17358d99ae81df54240f9334b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
referrer-policy
unsafe-url
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzFpU%2FMcBBiU8S5GsjUUHJ%2F7%2B6O1D5Nw4Qp1xY5fU5SG%2BaTS%2FN5ILFpysjnyagW3depOvARX%2FyFuTt9t6qta%2B4nkTJHtm0mguMWn92%2FOCos2oYJGQnZ5WCfhSEyvICsYTy5rdadZpqnFtwLuXz07hcm1jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
feature-policy
none
cf-ray
88abed658b5f9738-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
external-script-1.js
csp-prototype.page-shield.workers.dev/ 		282 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://csp-prototype.page-shield.workers.dev/external-script-1.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeM7kd%2BAYg2aBscxEUIUOrtP5NzE7ivys3%2FDAmsG%2Bvy4WTdvuK0lmmICtNBYFUmz1SAc5r57C5cenX%2BeTL7CDif0BXZGp265kXOaNGmx5N7mk4u3sjAI3iFj6E0YFqISuQNB4RXFL%2B79qRTAtH8Ft%2B6wg2Z49X%2BU"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
88abed657b439738-FRA
alt-svc
h3=":443"; ma=86400
external-script-2.js
csp-prototype.page-shield.workers.dev/ 		282 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://csp-prototype.page-shield.workers.dev/external-script-2.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QHj3tYpL5%2BAdy50U3hKw4IFpJrrjidwC17NITVA%2Bunjf0kZ%2FNsXeYKDQj9VmwFskiGTOFPaPv17JsXXY1R4ECCRSu%2FpKtH%2BLOOGeg%2FzRcDU4l2iJmsW4Rra%2FSmKvBbBjRSQQ0yFVAPEmQtJEWkudJdJs881ilvm"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
88abed656b369738-FRA
alt-svc
h3=":443"; ma=86400
external-script-3.js
csp-prototype.page-shield.workers.dev/ 		282 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://csp-prototype.page-shield.workers.dev/external-script-3.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=icfp%2B0petBXKi8hV1%2BNOIyT8clPXYLlP3I8I3kcbOarAIDIu7tNB9i56emK4phUYCdaHzYWCvan8WjLPpGB7Qgcs7E5PSWHTyOoVScNeqScH9hDc8LuUTbc0xGBbIoeQ2i%2FQ4AH3o1j1YDQQgYJeDdJnsn3mpAXN"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
88abed658b579738-FRA
alt-svc
h3=":443"; ma=86400
external-script-4.js
csp-prototype.page-shield.workers.dev/ 		282 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://csp-prototype.page-shield.workers.dev/external-script-4.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrbSTguM4qYrMgaoeV18YNugGXeq3I3LNe7Ds0NtRwKhUmEhgX%2FERfGb4Dv4YXTYzSt71alyqfp2dj%2BkhWZmfEB118LTZ9gTtyktoWvHUpiOi2XNO2S%2FQRVqQvSoUzfoOUHugt95Sd9t32Ai9HYg5MtHejALkkr2"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
88abed658b649738-FRA
alt-svc
h3=":443"; ma=86400
foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001f...
examples.page-shield.workers.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001obar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001r0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooXbar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001V3X.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8w7G%2BTeI0XJ8GwhbwrKp0zxp%2Fm4FU%2BEcyMp9I3sn7dSn38rNmq7y%2B74krnFjSf%2BoiUaBmFijEnv2oPwWDjEoiNO4RGXTT7DanRXpoH8FCpWIm1cLTZZox3yEwBu95fCfydAQzCgj7oRdMFHOa7RIMrt%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
88abed659b6d9738-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
x.js
test2.page-shield.workers.dev/ 		0
0
/
workers.cloudflare.com/
Redirect Chain
  • https://workers.dev/x.js
  • https://workers.cloudflare.com/
0
0
x.js
en.wikipedia.org/ 		0
0
site-16bcc13e690cc771698c.js
one.one.one.one/
Redirect Chain
  • https://1.1.1.1/site-16bcc13e690cc771698c.js
  • https://one.one.one.one/site-16bcc13e690cc771698c.js
0
0
foo.js
dash.cloudflare.com/ 		0
0
foo.js
blog.cloudflare.com/ 		0
0
foo.js
foo.cloudflare.com/ 		0
0
foo.js
www.bing.com/
Redirect Chain
  • https://bing.com/foo.js
  • https://www.bing.com/foo.js?toWww=1&redig=31BF5CE44A7E4F65AA17BE8F1D1BA4B7
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/foo.js?toWww=1&redig=31BF5CE44A7E4F65AA17BE8F1D1BA4B7
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Server
2a02:26f0:f500:6::216:5bce Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://csplab.gags.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 28 May 2024 05:43:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-msedge-ref
Ref A: EA502C74E7ED405DB47907EAA161BC8C Ref B: DUS30EDGE0414 Ref C: 2024-05-28T05:43:29Z
x-cdn-traceid
0.8e521302.1716875009.37bf8d64
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-Ls3quVn4sGyRIqV7WWjSShM3fUU977l6MGNyfhY4UiQ='; base-uri 'self';report-to csp-endpoint
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-eventid
66556f015af04879968d520c34e479de
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

date
Tue, 28 May 2024 05:43:28 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-msedge-ref
Ref A: D26CF5A9E4314AE4A105F41F89884BA6 Ref B: FRA31EDGE0705 Ref C: 2024-05-28T05:43:28Z
vary
Accept-Encoding
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-Eq/GEEitnruktYg7XGgigdClQfvugo2XHcUXpra5L1g='; base-uri 'self';report-to csp-endpoint
content-type
text/html; charset=utf-8
location
https://www.bing.com:443/foo.js?toWww=1&redig=31BF5CE44A7E4F65AA17BE8F1D1BA4B7
x-eventid
66556f0175ae46c59c449885bc35c487
cache-control
private
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache
CONFIG_NOCACHE
content-length
149
fadawoo.js
baeaweing.com/ 		0
0
awdkja.js
sefjse.com/ 		0
0
da.js
www.bing.com/
Redirect Chain
  • https://bing.co.uk/da.js
  • https://www.bing.com/da.js?cc=gb
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/da.js?cc=gb
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Server
2a02:26f0:f500:6::216:5bce Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://csplab.gags.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 28 May 2024 05:43:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-msedge-ref
Ref A: 75818682937E4B92A711A4153332B843 Ref B: FRA31EDGE0214 Ref C: 2024-05-28T05:43:29Z
x-cdn-traceid
0.8e521302.1716875009.37bf8d65
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-Y+1kKY6w+twBU9czgN3MTXDj1hY98ae8RTziVmnv0YA='; base-uri 'self';report-to csp-endpoint
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-eventid
66556f0112e3481d93c4afb649cbf783
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

location
https://www.bing.com/da.js?cc=gb
date
Tue, 28 May 2024 05:43:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 18E9ECF91A1F4C528918B3A1E475FD7D Ref B: FRA31EDGE0707 Ref C: 2024-05-28T05:43:29Z
content-length
0
test.js
baefaweing.com/ 		0
0
sbu_hc.js
cn.pandora.net/_ws_sbu/ 		0
0
service-worker.js
global.direct.asda.com/ 		36 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.direct.asda.com/service-worker.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.233.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6780f038220e85986a79afd8aea29049d82e915de35726385700f1ec6059fdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:29 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
pragma
no-cache
last-modified
Tue, 28 May 2024 05:43:29 GMT
server
cloudflare
x-frame-options
DENY
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
88abed66de1137dd-FRA
x-dw-request-base-id
lBzD7EFQVWYBAAB_
expires
Thu, 01 Dec 1994 16:00:00 GMT
wp-emoji-release.min.js
useinsider.com/wp-includes/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://useinsider.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy-report-only
connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=IQwnAwgxPCrNnrUb69NoopT3_Puk5LiuXLOcGB2B6.c-1716875009-1.0.1.1-VD0fhgNdTVQUQ56hzJR5RNfTiLqudZxkUyfXh07KTArG9h_e6g9QeyFUSb.yaLg_0meeocF2ZKH8yoSyscLSuAzGmiZpSAEs1sFwQGpqohr7cuk63dKvy.0COaSadkR4DTFIcaseVpc8HrcjrL1LSScKG8gDBLXdgvYLXFuMlOvWCTtOa0fFr2fT7RTr8LBW3ntJK2j2cKxJiuC_IJILtw; report-to cf-dqxrdrnfuksffijp
referrer-policy
origin-when-cross-origin
last-modified
Sat, 20 Apr 2024 14:33:28 GMT
server
cloudflare
etag
W/"6623d238-4926"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=IQwnAwgxPCrNnrUb69NoopT3_Puk5LiuXLOcGB2B6.c-1716875009-1.0.1.1-VD0fhgNdTVQUQ56hzJR5RNfTiLqudZxkUyfXh07KTArG9h_e6g9QeyFUSb.yaLg_0meeocF2ZKH8yoSyscLSuAzGmiZpSAEs1sFwQGpqohr7cuk63dKvy.0COaSadkR4DTFIcaseVpc8HrcjrL1LSScKG8gDBLXdgvYLXFuMlOvWCTtOa0fFr2fT7RTr8LBW3ntJK2j2cKxJiuC_IJILtw"}],"group":"cf-dqxrdrnfuksffijp","max_age":86400}
cache-control
public, max-age=30
cf-ray
88abed67c93a1ca9-FRA
expires
Tue, 28 May 2024 05:43:59 GMT
twemoji.js
otvetstvennayaigra.betfair.com/wp-includes/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://otvetstvennayaigra.betfair.com/wp-includes/js/twemoji.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca73b5e8f7b1a1976c60afc2fe8ef02eb2ebfb951c0675431345f7ff3bfa107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-encoding
br
cf-polished
origSize=25798
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 09:56:41 GMT
cf-bgj
minify
server
cloudflare
etag
W/"64e72959-64c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4VGqBYNZP4yxB6GW6MWvTdp3phM9G6PdnOp1Vsb4%2FUzXphGwSf%2BE%2Fr5nmHxIyNjYs4T7kEGF6z8T2KbwY3V37AqIAbXNdADYNi6Xtt4XsZQEjMQ1oP8Lc%2F%2BHbUomWavG9UIksi3XX6T5z7Kfudg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88abed67c82b35e2-FRA
expires
Wed, 28 May 2025 05:43:29 GMT
atgsvcs.js
static.atgsvcs.com/js/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.atgsvcs.com/js/atgsvcs.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.175.248 Dublin, Ireland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-175-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4b97e82390f1b78415a172471ac9020864dc9094c7635d253eeec511a5f5aab3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 05:43:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Mar 2024 06:26:45 GMT
Server
AkamaiNetStorage
ETag
"78c67bf1f4198009eafd571e9c0726e5:1710743205.745984"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35485
sub2.js
cdn.sub2tech.com/CodeBase/LIVE/Min/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sub2tech.com/CodeBase/LIVE/Min/sub2.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:305:1538:7d5:1af9:e7f , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
712da4ffb942e87da4129d246209cb397b7f04412906332b8ba87bf0df0dca2d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:29 GMT
content-encoding
gzip
content-md5
FCFxhMg6eFebCR+Rf9/r2Q==
age
15803
x-cache
HIT
content-length
1592
last-modified
Wed, 17 Apr 2024 05:07:41 GMT
server
ECS (frb/67D3)
x-ms-error-code
ConditionNotMet
etag
"0x8DC5E9C4F52AFAD"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
fe5d6a5d-f01e-0029-109d-b0e54e000000
cache-control
max-age=120
x-ms-version
2018-03-28
accept-ranges
bytes
expires
Tue, 28 May 2024 05:45:29 GMT
opt-in-popup-helper.js
assets.api.useinsider.com/js/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.api.useinsider.com/js/opt-in-popup-helper.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5c612630a5916a404ad2b87d2898bcf329d7ccfaed02c2428e4a69fcc754af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1310
content-security-policy-report-only
connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Ut.KZuvbXZX4d4e202NkqRh7xgkZVyepjXElWm0uZB4-1716875009-1.0.1.1-NZm.EZq60O8MR816rTBnFCNeKfmS75NhnWIDGlDa.yEgZ.eAoNN2vik1HLU7KYb3tJ80MFiwW8GfS1QtKsim49HXkB9YJf40bzqPBDlx4fCJHG3jH0vFJ6_eOEmOTGQy2d9Z4Taibv8Q_7SNj50ifqgYbngbXTgMA3xKf59p4zyE7wX7hI.blRAJ5dMDWP1g8.ZsX.FfY71a._QnbMhSUw; report-to cf-aflthmuqbheiomjb
x-xss-protection
1
pragma
public
last-modified
Tue, 28 May 2024 03:43:48 GMT
server
cloudflare
etag
W/"665552f4-e006"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Ut.KZuvbXZX4d4e202NkqRh7xgkZVyepjXElWm0uZB4-1716875009-1.0.1.1-NZm.EZq60O8MR816rTBnFCNeKfmS75NhnWIDGlDa.yEgZ.eAoNN2vik1HLU7KYb3tJ80MFiwW8GfS1QtKsim49HXkB9YJf40bzqPBDlx4fCJHG3jH0vFJ6_eOEmOTGQy2d9Z4Taibv8Q_7SNj50ifqgYbngbXTgMA3xKf59p4zyE7wX7hI.blRAJ5dMDWP1g8.ZsX.FfY71a._QnbMhSUw"}],"group":"cf-aflthmuqbheiomjb","max_age":86400}
cache-control
public, max-age=18000
cf-ray
88abed67c9411ca9-FRA
expires
Tue, 28 May 2024 10:43:29 GMT
kakaoStoreLocator.js
www.americantourister.co.kr/on/demandware.static/Sites-AmericanTouristerKR-Site/-/ko_KR/v1665602114344/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americantourister.co.kr/on/demandware.static/Sites-AmericanTouristerKR-Site/-/ko_KR/v1665602114344/js/kakaoStoreLocator.js
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.23.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238617ad09634dfd82535c69bac927b74dc24f8c77873d885398fd8e7518c905
Security Headers
Name Value
Strict-Transport-Security max-age=15

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:31 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 May 2024 04:23:23 GMT
server
cloudflare
strict-transport-security
max-age=15
vary
accept-encoding
content-type
text/javascript
cache-control
public, max-age=2591480
cross-origin-resource-policy
cross-origin
cf-ray
88abed6acce83a44-FRA
x-dw-request-base-id
wEZaQvtsVWYBAAB_
expires
Thu, 27 Jun 2024 05:34:51 GMT
QgKXX7yjSiw
www.youtube.com/embed/ Frame B43D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/QgKXX7yjSiw?si=YE12XtpZ85O-HWgJ
Requested by
Host: csplab.gags.workers.dev
URL: https://csplab.gags.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://csplab.gags.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 28 May 2024 05:43:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://csplab.gags.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:42:57 GMT
x-content-type-options
nosniff
age
442831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:42:57 GMT
sub2_custom_cbv.js
cdn.sub2tech.com/ccs// 		0
0
favicon.ico
csplab.gags.workers.dev/ 		23 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://csplab.gags.workers.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7621c238164b4845e69c5513de818f61f20baab24dc5a8f3a3053bde97cfd96c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://csplab.gags.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 05:43:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hfs2J7PIuP2GD3CvMEHg05bW9BFnIylU%2BD8DVdtDcJupCMObt0pWYA2utVnoYbLJHaIe6%2Bhac1lkp62KwSThVExmVGcNmwXlgwAHRDkWBHzUQqeohG7rxXFfC42l0J5nDJntGg%2Fer4m8gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cf-ray
88abed73b9452bae-FRA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hr-prd-web-01.harryrosen.com
URL
https://hr-prd-web-01.harryrosen.com/images/cardsMCVisa.svg
Domain
hr-prd-web-01.harryrosen.com
URL
https://hr-prd-web-01.harryrosen.com/images/amex.svg
Domain
malicious.cf-malicious-test.domain.example.com
URL
https://malicious.cf-malicious-test.domain.example.com/1.js
Domain
another1.malicious.cf-malicious-test.domain.example.com
URL
https://another1.malicious.cf-malicious-test.domain.example.com/1.js
Domain
another2.malicious.cf-malicious-test.domain.example.com
URL
https://another2.malicious.cf-malicious-test.domain.example.com/2.js
Domain
v5x.malicious.cf-malicious-test.domain.example.com
URL
https://v5x.malicious.cf-malicious-test.domain.example.com/1.js
Domain
klarittyjoy.com
URL
https://klarittyjoy.com/test.js
Domain
cf-malicious-test.url.example.com
URL
https://cf-malicious-test.url.example.com/100.js
Domain
cf-malicious-test.url.example.com
URL
https://cf-malicious-test.url.example.com/new1.js
Domain
polinaryapp.com
URL
https://polinaryapp.com/21ecefdd84a1d2a730.js
Domain
cf-malicious-test.url.example.com
URL
https://cf-malicious-test.url.example.com/V3X.js
Domain
examples.page-shield.workers.dev
URL
https://examples.page-shield.workers.dev/0001.js
Domain
test2.page-shield.workers.dev
URL
https://test2.page-shield.workers.dev/x.js
Domain
workers.cloudflare.com
URL
https://workers.cloudflare.com/
Domain
en.wikipedia.org
URL
https://en.wikipedia.org/x.js
Domain
one.one.one.one
URL
https://one.one.one.one/site-16bcc13e690cc771698c.js
Domain
dash.cloudflare.com
URL
https://dash.cloudflare.com/foo.js
Domain
blog.cloudflare.com
URL
https://blog.cloudflare.com/foo.js
Domain
foo.cloudflare.com
URL
https://foo.cloudflare.com/foo.js
Domain
baeaweing.com
URL
https://baeaweing.com/fadawoo.js
Domain
sefjse.com
URL
https://sefjse.com/awdkja.js
Domain
baefaweing.com
URL
https://baefaweing.com/test.js
Domain
cn.pandora.net
URL
https://cn.pandora.net/_ws_sbu/sbu_hc.js
Domain
cdn.sub2tech.com
URL
https://cdn.sub2tech.com/ccs//sub2_custom_cbv.js?r=59198

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Vue function| hello function| sendExternalData undefined| matchPage undefined| serveOfflinePage undefined| matchStaticResource undefined| matchPattern undefined| isPLPSearch object| twemoji object| wp object| _ATGSvcs function| webChatConditionsCheck function| iaDecisionServiceConditionsCheck function| conditionsCheck function| runConditions function| odaHelper function| webChatHelper function| esHelper function| loadEsSdkAndCheckSession function| odaVariableParse function| webChatVariableParse function| esVariableParse function| showODAChat function| formatVersion function| isValidVersion function| showWebChat function| showEs function| odaSetPrimaryChatLanguage function| odaUpdateUser function| getConnectionData function| updateConnectionData function| webChatSetInfo function| getPreLaunchFormData function| resetPreLaunchForm function| webChatSetFormFields function| webChatSetLocale function| hasActiveWebChat function| hasActiveEsSession function| isValidWebChatAction function| odaSendMessage function| odaReconnect function| esNavigateToEsScreenComponent function| esSetProdCatComponent function| esUpdateChatComponent function| esUpdateHomeScreenActionsComponent function| getHostJsUrl function| callRules object| links string| DEBUG_C string| DEBUG_IP_C function| enableLogView function| displayLogView function| rnAddWidget function| rnPush function| Rule object| ruleHash function| wrap function| guard function| loadRules function| loadSiteConfigs function| loadConfig function| loadInvites function| doNotCall object| session function| registerPublicCallback object| ATGSvcs object| CleverSet object| _$_5ee4 boolean| __SUB2_Loaded object| SUB2 object| helpers

10 Cookies

Domain/Path Name / Value
.www.cloudflare.com/ Name: __cf_bm
Value: y3bsqEXCbb6y6eNvYpnnsS_ALDbknRr1PanvQsfJc.8-1716875008-1.0.1.1-h87JVtAF9vKtyLEyk6Z4tpCoXBFAaOJpL.hz2biofPG5ofZ0jMNTjEByuzNACwXPQFJz5gjA2Gu4TPmB6QOUhHC07O_NdIDyvh78790UmWs
.youtube.com/ Name: YSC
Value: wMjn2tgz5WU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Wini4an7Ymg
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgKA%3D%3D
.bing.com/ Name: MUID
Value: 30D506133A2868C80808129E3B8469DC
.dash.cloudflare.com/ Name: __cf_bm
Value: CJqVqZmWcgw4jqAc_.q8Ts6WVMlkt5gLusOKldGhDuo-1716875009-1.0.1.1-TpSp8l56jPa1MFDSTnbG4EQ2Fu2eN.SaFzb9jAcFrxSiXA_GqrHHeJFgfgLUrwRiIu0FKGmuVfvyqcbDvvpSRneiSiO.U5QE9yKhu04yt8I
.dash.cloudflare.com/ Name: __cfruid
Value: cc30a97d058c98a3b0c6d198e8c1e7ed3fe2298c-1716875009
.dash.cloudflare.com/ Name: _cfuvid
Value: Kg5SXQ6cKsVA9ICyaPsSohniVcYbeOCTL._OsdtOTeU-1716875009086-0.0.1.1-604800000
.useinsider.com/ Name: __cf_bm
Value: SKy7U4_tbfn2Tu7VUdmx7F7d8i_CM9z3mekTSI7afak-1716875009-1.0.1.1-LWBj7RojQlJIqihibzp3z7L805RDYLXStrX3y8wggRCVjvruMFDSS.UJY3viAv0Flm4US5lk8ICDBb0IkN8TVQ
.blog.cloudflare.com/ Name: __cf_bm
Value: L9.tjEZeT8B_ItbwJTPIcGbWl_VGEIVIjdj4KxIi3uI-1716875009-1.0.1.1-PvY5oNTbQii9ATdpwD0h39X1xOOPmKoGK7hvN8B_g9vF3LOsNF1rHKIkuemEG94Zc_rlQrDKwCUuvsvvrA5giA

27 Console Messages

Source Level URL
Text
other warning URL: https://csplab.gags.workers.dev/(Line 57)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://malicious.cf-malicious-test.domain.example.com/1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.url.example.com/100.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.url.example.com/new1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.url.example.com/V3X.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://another2.malicious.cf-malicious-test.domain.example.com/2.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://v5x.malicious.cf-malicious-test.domain.example.com/1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://another1.malicious.cf-malicious-test.domain.example.com/1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://csplab.gags.workers.dev/
Message:
Access to script at 'https://polinaryapp.com/21ecefdd84a1d2a730.js' from origin 'https://csplab.gags.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://polinaryapp.com/21ecefdd84a1d2a730.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://examples.page-shield.workers.dev/foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001obar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001r0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooXbar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001V3X.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://baeaweing.com/fadawoo.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://foo.cloudflare.com/foo.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sefjse.com/awdkja.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://baefaweing.com/test.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://klarittyjoy.com/test.js
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.bing.com/da.js?cc=gb
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bing.com/foo.js?toWww=1&redig=31BF5CE44A7E4F65AA17BE8F1D1BA4B7
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://csplab.gags.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

another1.malicious.cf-malicious-test.domain.example.com
another2.malicious.cf-malicious-test.domain.example.com
assets.api.useinsider.com
baeaweing.com
baefaweing.com
bing.co.uk
bing.com
blog.cloudflare.com
cdn.jsdelivr.net
cdn.sub2tech.com
cf-assets.www.cloudflare.com
cf-malicious-test.url.example.com
cn.pandora.net
csp-prototype.page-shield.workers.dev
csplab.gags.workers.dev
dash.cloudflare.com
en.wikipedia.org
examples.page-shield.workers.dev
fonts.googleapis.com
fonts.gstatic.com
foo.cloudflare.com
global.direct.asda.com
hr-prd-web-01.harryrosen.com
klarittyjoy.com
malicious.cf-malicious-test.domain.example.com
one.one.one.one
otvetstvennayaigra.betfair.com
polinaryapp.com
sefjse.com
static.atgsvcs.com
test2.page-shield.workers.dev
useinsider.com
v5x.malicious.cf-malicious-test.domain.example.com
workers.cloudflare.com
www.americantourister.co.kr
www.bing.com
www.youtube.com
another1.malicious.cf-malicious-test.domain.example.com
another2.malicious.cf-malicious-test.domain.example.com
baeaweing.com
baefaweing.com
blog.cloudflare.com
cdn.sub2tech.com
cf-malicious-test.url.example.com
cn.pandora.net
dash.cloudflare.com
en.wikipedia.org
examples.page-shield.workers.dev
foo.cloudflare.com
hr-prd-web-01.harryrosen.com
klarittyjoy.com
malicious.cf-malicious-test.domain.example.com
one.one.one.one
polinaryapp.com
sefjse.com
test2.page-shield.workers.dev
v5x.malicious.cf-malicious-test.domain.example.com
workers.cloudflare.com
104.16.123.96
104.17.23.10
104.17.233.12
104.19.153.16
172.67.200.75
172.67.222.32
204.79.197.219
23.38.175.248
2606:2800:234:305:1538:7d5:1af9:e7f
2606:4700:7::a29f:863d
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2003
2a02:26f0:f500:6::216:5bce
2a04:4e42:600::485
238617ad09634dfd82535c69bac927b74dc24f8c77873d885398fd8e7518c905
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b97e82390f1b78415a172471ac9020864dc9094c7635d253eeec511a5f5aab3
4bbb990624b2a4a0a7206c70ca6ed2a82470dec17358d99ae81df54240f9334b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
6d5c612630a5916a404ad2b87d2898bcf329d7ccfaed02c2428e4a69fcc754af
712da4ffb942e87da4129d246209cb397b7f04412906332b8ba87bf0df0dca2d
7621c238164b4845e69c5513de818f61f20baab24dc5a8f3a3053bde97cfd96c
cca73b5e8f7b1a1976c60afc2fe8ef02eb2ebfb951c0675431345f7ff3bfa107
d6780f038220e85986a79afd8aea29049d82e915de35726385700f1ec6059fdf
f07eaa3571d9a1b8098778648dad854d1abe1a57e0e6d80056e951c11536523c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194