fir3.net Open in urlscan Pro
2606:4700:3030::6815:5ae7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fir3.net/lpuFW
Submission Tags: falconsandbox
Submission: On December 30 via api (December 30th 2024, 5:43:55 pm UTC) from US — Scanned from US

Summary HTTP 41 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3030::6815:5ae7, located in United States and belongs to CLOUDFLARENET, US. The main domain is fir3.net.
TLS certificate: Issued by WE1 on November 21st 2024. Valid for: 3 months.

This is the only time fir3.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3030::6815:5ae7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	13.249.91.20 13.249.91.20	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3030::6815:1b49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	104.21.5.227 104.21.5.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266a:8600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.189.181.222 18.189.181.222	16509 (AMAZON-02) (AMAZON-02)
2	139.45.197.106 139.45.197.106	9002 (RETN-AS R...) (RETN-AS RETN Limited)
1	18.238.49.110 18.238.49.110	16509 (AMAZON-02) (AMAZON-02)
1	18.173.219.25 18.173.219.25	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:21d... 2600:9000:21da:ba00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3030::ac43:a99d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	15

15 2606:4700:3030::6815:5ae7 (United States)

ASN13335 (CLOUDFLARENET, US)

fir3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.91.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-91-20.jfk52.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:1b49 (United States)

ASN13335 (CLOUDFLARENET, US)

blog.encurta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.5.227 (None, )

ASN13335 (CLOUDFLARENET, US)

gekeebsirs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266a:8600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.181.222 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-181-222.us-east-2.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.106 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)

aiveemtomsaix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-110.jfk52.r.cloudfront.net

datasphere-sbsvc.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-25.jfk52.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21da:ba00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:a99d (United States)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	fir3.net fir3.net	120 KB
13	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5010 buttons-config.sharethis.com — Cisco Umbrella Rank: 5845 l.sharethis.com — Cisco Umbrella Rank: 5470 datasphere-sbsvc.sharethis.com — Cisco Umbrella Rank: 36457 count-server.sharethis.com — Cisco Umbrella Rank: 12129 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10787	56 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	245 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1188	2 KB
2	aiveemtomsaix.net aiveemtomsaix.net — Cisco Umbrella Rank: 69060	5 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	969 B
1	gekeebsirs.com gekeebsirs.com — Cisco Umbrella Rank: 132140	30 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 22106	7 KB
1	encurta.net blog.encurta.net	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
41	10

	Domain	Requested by
15	fir3.net	fir3.net
8	platform-cdn.sharethis.com	fir3.net
3	www.recaptcha.net	fir3.net www.gstatic.com
2	aiveemtomsaix.net	gekeebsirs.com
2	fonts.gstatic.com	fonts.googleapis.com
1	my.rtmark.net	gekeebsirs.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	datasphere-sbsvc.sharethis.com	platform-api.sharethis.com
1	www.gstatic.com	www.recaptcha.net
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	gekeebsirs.com	fir3.net
1	1.bp.blogspot.com	fir3.net
1	blog.encurta.net	fir3.net
1	platform-api.sharethis.com	fir3.net
1	fonts.googleapis.com	fir3.net
41	16

This site contains links to these domains. Also see Links.

Domain
encurta.net
dev.encurta.app
ads.mundotutors.net

Subject Issuer	Validity	Valid
fir3.net WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
encurta.net WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
misc-sni.blogspot.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
misc.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
gekeebsirs.com WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
aiveemtomsaix.net R11	`2024-11-14` - `2025-02-12`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://fir3.net/lpuFW
Frame ID: 607285945224B51296C159EE0D17F257
Requests: 39 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U&co=aHR0cHM6Ly9maXIzLm5ldDo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=kkw52y2aaktm
Frame ID: BEF185675D701D56EE3607A65158100F
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U
Frame ID: F039437849DDF86A7C78BB3CCBFD5438
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EncurtaNet

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

41
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

488 kB
Transfer

1372 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://encurta.net/

Search URL Search Domain Scan URL

URL: https://dev.encurta.app/lp1
Title: CONTINUE

Search URL Search Domain Scan URL

URL: https://ads.mundotutors.net/link2irparalp

Search URL Search Domain Scan URL

URL: https://ads.mundotutors.net/linkloop
Title: Clique aqui e saiba mais

Search URL Search Domain Scan URL

URL: https://encurta.net/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://encurta.net/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request lpuFW Show response
fir3.net/ 9 KB
4 KB 191ms
105ms Document
text/html 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ff99c8663dee672c50e45adde3f720287b82906a17f6a7721457c1c6eca0bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8fa3d598db2d443e-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 30 Dec 2024 17:43:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItyV84aAwzAK6QjaiGVSFmNgyLYw5DXOdYABTez98Ju0gW8VID5780f6xK9o4An5RGJ0rqALZOn1dkPFHTUowWOJCNfUPua4IfQ2kpm%2F22LYkDxyuGlRhkIYmYXxB1xt9MZUcUvXjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=27223&min_rtt=24051&rtt_var=9908&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4171&recv_bytes=4425&delivery_rate=595&cwnd=12000&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=110&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 162ms
61ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bdaee4307fd2ad79788f19bf761cb943565be43b8641c98ab92ae96e795ee92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 17:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 30 Dec 2024 17:32:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 bootstrap.min.css
fir3.net/vendor/bootstrap/css/ 119 KB
22 KB 39ms
37ms Stylesheet
text/css 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/bootstrap/css/bootstrap.min.css?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 1683620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9K4p6vY5BLAnhckiHcSN3Tw2qAh8yRC1wxI2Iw0tqIPN7OdjoRS1EyzBXbscbbGiYEMt7xnh4JTYHNu%2BqghWMVeLPIwsz%2F3auLxHSE4dFNGlCnZ8vLiRbJJHtroKfrKbMAkSxGfBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 06:03:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25549&min_rtt=22010&rtt_var=6676&sent=19&recv=17&lost=0&retrans=0&sent_bytes=8897&recv_bytes=6799&delivery_rate=213675&cwnd=12000&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=158&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/css
last-modified: Fri, 20 Dec 2019 05:52:40 GMT
vary: Accept-Encoding,User-Agent
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d5998c13443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 font-awesome.min.css
fir3.net/vendor/font-awesome/css/ 30 KB
8 KB 60ms
57ms Stylesheet
text/css 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/font-awesome/css/font-awesome.min.css?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f2536799fe69214edf8a7e469c6d7124307a4e4e913651469a247c7244e81f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 125140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8He4ESakLvm%2BCaSCofdFHCjDbGdkQPFWfwyfvflAeEvgeFbYt%2Fqfm0cZGilrrAhIMYgiKGTYIIFugrray5BotiSTTYovcvFrtnVumXXWqJlR0G6ytycbpV6n%2FJqhc8kMQMO93c3iQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 28 Jan 2025 06:58:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25549&min_rtt=22010&rtt_var=6676&sent=29&recv=17&lost=0&retrans=0&sent_bytes=20897&recv_bytes=6799&delivery_rate=213675&cwnd=12000&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=164&x=1", cfExtPri, cfHdrFlush;dur=18
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/css
last-modified: Fri, 20 Dec 2019 05:52:49 GMT
vary: Accept-Encoding,User-Agent
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d5998c15443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 AdminLTE.min.css
fir3.net/vendor/dashboard/css/ 88 KB
17 KB 62ms
60ms Stylesheet
text/css 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/dashboard/css/AdminLTE.min.css?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a67b1809a10680da524de5b59e10ec07e187e7f41db360f2758b3bf2db7d766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 762527
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9TjA3zZT5OJiYwil13B2%2BE8ANiGqFe9CiF6mMQTYMf4eKcHS0lzXfuVXqYcnvfjlTtZ8jY2IYoZOL572Vz1CGCkj2jGhB%2B41yOxjx5sxL6cos2MfhkScQ3akFgXn0VdZ8%2BnRdxs2YA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 20 Jan 2025 21:55:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25549&min_rtt=22010&rtt_var=6676&sent=29&recv=17&lost=0&retrans=0&sent_bytes=20897&recv_bytes=6799&delivery_rate=213675&cwnd=12000&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=160&x=1", cfExtPri, cfHdrFlush;dur=22
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/css
last-modified: Fri, 20 Dec 2019 05:52:46 GMT
vary: Accept-Encoding,User-Agent
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d5998c17443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 _all-skins.min.css
fir3.net/vendor/dashboard/css/skins/ 40 KB
5 KB 81ms
79ms Stylesheet
text/css 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/dashboard/css/skins/_all-skins.min.css?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e998ea42306cdbaca43e5fbc23a2ca1631d41664c57f60ebaed459d3487451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 2446690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPU%2F2yXb209T%2FUFSub2rQrjnhD1iaWG%2F%2Bo9UWYriXvRNW05MidqHbBwuwTSYf4jqH1qUJxYhABTQpy6JbFxrqaeEsr159Spg84niD1Gp1MLs1koOHtq2dKJ1FV9soPJlCgvpxWS%2FLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 01 Jan 2025 10:05:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25549&min_rtt=22010&rtt_var=6676&sent=29&recv=17&lost=0&retrans=0&sent_bytes=20897&recv_bytes=6799&delivery_rate=213675&cwnd=12000&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=159&x=1", cfExtPri, cfHdrFlush;dur=23
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/css
last-modified: Fri, 20 Dec 2019 05:52:54 GMT
vary: Accept-Encoding,User-Agent
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d5998c19443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 app.css
fir3.net/css/ 5 KB
2 KB 82ms
80ms Stylesheet
text/css 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/css/app.css?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bba0a18a31057789bd2a52c163cc83be2c43f8956461506969579af2d57cafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 843364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcP5JXsk8IRybwyVDI0zZ1zqgb9e6j94KTZtsbT%2BdyjftUd3PDFUiGmg%2BKOc710wpc%2BRJHC%2FfCWT5IJvwVPUnMpzn2ooQC3Zc87er4QY4Q4%2Bq1M9PvzTYWKoYfvxe4pcH6w4%2FQEeog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Jan 2025 23:27:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25549&min_rtt=22010&rtt_var=6676&sent=29&recv=17&lost=0&retrans=0&sent_bytes=20897&recv_bytes=6799&delivery_rate=213675&cwnd=12000&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=160&x=1", cfExtPri, cfHdrFlush;dur=22
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/css
last-modified: Fri, 20 Dec 2019 05:51:25 GMT
vary: Accept-Encoding,User-Agent
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d5998c1a443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 123ms
23ms Script
text/javascript 13.249.91.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.91.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-91-20.jfk52.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=600, public
content-encoding: gzip
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age: 139
via: 1.1 6d409dafbe1b40e4e583b2c766e44510.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 8NLwQfjm_ngtSkxpguFywWN8N64tW7Ruyn_C6S5I5FUy4rGKJSzBEg==
edge-control: cache-maxage=60m,downstream-ttl=60m
date: Mon, 30 Dec 2024 17:41:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P9
x-frame-options: SAMEORIGIN

GET
H3 200 Logo-Nova-2.png
blog.encurta.net/wp-content/uploads/2017/02/ 19 KB
20 KB 159ms
32ms Image
image/png 2606:4700:3030::6815:1b49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.encurta.net/wp-content/uploads/2017/02/Logo-Nova-2.png
Requested by: Host: fir3.net
URL: https://fir3.net/lpuFW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5419da69b46c79af03f015c77aa26599869034c95ce63b2a4b8f3975b2593a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

cf-cache-status: HIT
age: 193200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnHmZjqjeFGYvoFpVqqtz%2BV70pbpqFsELmWkoRy8gkpWlGQx%2F1JqshBrCJP1mDfWOfnTKhqzU%2B50MBDfwFIMwaOcRONUAVsmIMYQ3vFbRs3JzRb4jdZMiabT3mVVlf2o2rcMcnf%2Bg%2BGD28XDWjDv"}],"group":"cf-nel","max_age":604800}
expires: Sat, 04 Jan 2025 12:03:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26063&min_rtt=25655&rtt_var=9911&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4111&recv_bytes=4272&delivery_rate=107908&cwnd=12000&unsent_bytes=0&cid=cd8146433982a9d9&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2017 14:44:09 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d59a5b020f93-EWR
accept-ranges: bytes
content-length: 19763
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 Continuar%2B%25282%2529.png
1.bp.blogspot.com/-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/ 7 KB
7 KB 154ms
30ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/Continuar%2B%25282%2529.png

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63aecc1fcc3b836462906c0f57ea36a4f7391c6af6260481dc6b4fae3047b2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

access-control-expose-headers: Content-Length
etag: "v2256"
age: 12806
x-content-type-options: nosniff
expires: Tue, 31 Dec 2024 14:10:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 14:10:24 GMT
content-disposition: inline;filename="Continuar (2).png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 6725
x-xss-protection: 0
server: fife

GET
H3 200 email-decode.min.js Show response
fir3.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675fc4cd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8G7ED4953fmARrtdCEvU5koTIr8HJfWhnmUcGNpTTDihGwAo6kNRirl%2FpafcH8H3XkB0WMTchJdAL59vpI%2B52GeLVF52PmgLMVcbGE0tHnK1IkYICDPwOoPp3dl23vS1Rvxyo0SzJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8fa3d59a8d37443e-EWR
expires: Wed, 01 Jan 2025 17:43:50 GMT
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ads.js Show response
fir3.net/js/ 191 B
915 B 58ms
56ms Script
application/javascript 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/js/ads.js

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 350015
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4jknEYt8qUTUmih6BM9QHVzXcMClYhjvMH4goGE%2FqyIx7GXM7GSlqJwuFEIN3wpw36Mk03KhQ5PJ0RycQVPfFc2NXF0G5IC3oEQ8e%2BbRGUL%2FLNbEthP6cSrKtvpN60LN9pg9qXm4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 25 Jan 2025 16:30:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23354&min_rtt=20626&rtt_var=3064&sent=107&recv=51&lost=0&retrans=1&sent_bytes=100683&recv_bytes=11007&delivery_rate=22192&cwnd=34800&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=323&x=1", cfExtPri, cfHdrFlush;dur=19
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 05:51:28 GMT
vary: User-Agent, Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d59a8d40443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.min.js Show response
fir3.net/vendor/ 84 KB
32 KB 37ms
34ms Script
application/javascript 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/jquery.min.js?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 105143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2BdC%2Fcb%2BTcSjItNwDilcGRu0uQU5d0y7Bf7m%2Fh8zMZiZGIXpyg0H5ewzjK8cQmMm1oa9HPuTWy%2FJbLfgIHRfkOsx3pgCLLlkhkqAr%2FIhi4hilGU3dg8FRQ3sQnRsbHWK9YBrX8U2Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 28 Jan 2025 12:31:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23354&min_rtt=20626&rtt_var=3064&sent=85&recv=51&lost=0&retrans=1&sent_bytes=74391&recv_bytes=11007&delivery_rate=22192&cwnd=34800&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=322&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 05:51:31 GMT
vary: Accept-Encoding,User-Agent
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d59a9d41443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
fir3.net/vendor/bootstrap/js/ 39 KB
12 KB 60ms
57ms Script
application/javascript 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 1449256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PunKxpGPjWtFeIC5MWPi3WaKsxFhzc47diwDgtbLJ%2F0leeiCs%2FT0FbEEZTafpYGVLzatGLiOsSiAywaMS6qba%2F1Ih7wX9AGA6fzl%2By%2BZlJa3T5Jj6suYdzFkVaWEowXXRYaN2nf6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Jan 2025 23:09:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23354&min_rtt=20626&rtt_var=3064&sent=95&recv=51&lost=0&retrans=1&sent_bytes=86391&recv_bytes=11007&delivery_rate=22192&cwnd=34800&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=322&x=1", cfExtPri, cfHdrFlush;dur=20
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 05:52:44 GMT
vary: Accept-Encoding,User-Agent
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d59a9d42443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 clipboard.min.js Show response
fir3.net/vendor/ 11 KB
4 KB 61ms
58ms Script
application/javascript 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/clipboard.min.js?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 1907775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJIFU76lz7y7hrRmpfY2YYDHUfMvWWg%2FeS15ItBFdHzamtO6jpyjIc0Bpn7lq1NYrqwCv62dBU9AJC4Rcx4sFoccTpCPQoxsUs2GOd3O7zfXV4rMZL0srptPM8pdXEfNATDr%2B8gYZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Jan 2025 15:47:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23354&min_rtt=20626&rtt_var=3064&sent=107&recv=51&lost=0&retrans=1&sent_bytes=100683&recv_bytes=11007&delivery_rate=22192&cwnd=34800&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=324&x=1", cfExtPri, cfHdrFlush;dur=18
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 05:51:30 GMT
vary: Accept-Encoding,User-Agent
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d59a9d43443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 app.js Show response
fir3.net/js/ 29 KB
7 KB 35ms
33ms Script
application/javascript 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/js/app.js?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f7883a3de9397521d2e218ee6ceb6b48ab58a17bb90f10171c75d5e92b5b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 2495144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4blRBATqijKg62XOVrH4N4e3vvQPtal%2FHvWf7f0LEGh%2BBr0l8%2B7BALAn%2BSC4bSvwxZOb1BKlP8wYzG79jzqtaoZ0ftTF1Jw0bCG%2BP%2BMLfZcMdapMZNJxyFVOr1Yhi%2Bc1hRGwVYrig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 31 Dec 2024 20:38:06 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23354&min_rtt=20626&rtt_var=3064&sent=78&recv=51&lost=0&retrans=1&sent_bytes=67019&recv_bytes=11007&delivery_rate=22192&cwnd=34800&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=321&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/javascript
last-modified: Tue, 11 Jun 2024 18:59:06 GMT
vary: Accept-Encoding,User-Agent
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d59a9d45443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 app.min.js Show response
fir3.net/vendor/dashboard/js/ 10 KB
4 KB 61ms
58ms Script
application/javascript 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/vendor/dashboard/js/app.min.js?ver=6.4.0

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a67b6c4dba7eceb6504af73c37a21b1d92a86f7331c85d7024ba36fcaff6236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 2104367
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vX7B4lxoNs4rptk2cnyQQr8Ofk1o2wHwk01mIoKPF9CboKOpFiyOAJQvtq7xVl97yIyK70wK0TF0O6tG%2Fn%2Boh2R8Mebgex5YI4gaKVArqZ6s4hAbozL4BpjLQZ7Ylwyhdv8srqRw4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 09:11:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23354&min_rtt=20626&rtt_var=3064&sent=107&recv=51&lost=0&retrans=1&sent_bytes=100683&recv_bytes=11007&delivery_rate=22192&cwnd=34800&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=323&x=1", cfExtPri, cfHdrFlush;dur=19
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 05:52:48 GMT
vary: Accept-Encoding,User-Agent
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d59a9d47443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 2 KB
2 KB 162ms
54ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d87a6dc22cd0022b94a9f09959bd8fead41f7f264ce0fca5f52b33ecaa1a4e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 17:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 30 Dec 2024 17:43:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 tag.min.js Show response
gekeebsirs.com/ 70 KB
30 KB 129ms
45ms Script
text/javascript 104.21.5.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gekeebsirs.com/tag.min.js
Requested by: Host: fir3.net
URL: https://fir3.net/lpuFW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.5.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 760821f2acf6074d4d5198ee78f1ad94c529f1a928d0dc7f0a95e055d9576598

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

access-control-max-age: 86400
content-encoding: zstd
cf-cache-status: HIT
age: 39127
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7M8VTv%2BDRSTF991DAgXkeGcGVpBVFyQy5bifIPao2XAcKqFcDHu%2FIbPNiDTCbYAiNup2sA4qe6EsZ4hfd9vsH30MCbG8JJIlzHfETPcSX8saqiS0UA%2BVErNin64aGmFV2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 31 Dec 2024 06:51:43 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20066&min_rtt=19828&rtt_var=4371&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4318&delivery_rate=29351&cwnd=12000&unsent_bytes=0&cid=839524d4d6c0ed42&ts=57&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Dec 2024 17:19:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cache-control: max-age=86400
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 3dd02bd97202c8526b392db38b255bff
cf-ray: 8fa3d59b1a860f6b-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 92ms
22ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fir3.net
Referer: https://fonts.googleapis.com/

Response headers

age: 337860
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Dec 2025 19:52:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 19:52:50 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fir3.net
Referer: https://fonts.googleapis.com/

Response headers

age: 316822
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Dec 2025 01:43:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 01:43:28 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

GET
H2 200 6508c17a14de310019c9e910.js Show response
buttons-config.sharethis.com/js/ 1 KB
892 B 193ms
53ms Script
text/javascript 2600:9000:266a:8600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6508c17a14de310019c9e910.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266a:8600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f567082b85926b63970e9be76dfc7cad668db611f0b2d07df9d3419fa768b579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
cache-control: public, max-age=60
content-encoding: gzip
etag: W/"fef0f71b0b04bfef550e20a631021239"
age: 8
via: 1.1 b67b60901a678f2f5872beaa2033c562.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: kQ1Oh8c6dojknSdemCl7bSix6ihb7sIKgv-L7L9F7GqnpJM9c7Xw_g==
date: Mon, 30 Dec 2024 17:43:43 GMT
content-type: text/javascript
last-modified: Mon, 18 Sep 2023 22:03:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
428 B 223ms
38ms XHR
text/plain 18.189.181.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=fir3.net&location=%2FlpuFW&product=inline-share-buttons&url=https%3A%2F%2Ffir3.net%2FlpuFW&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=EncurtaNet&cms=unknown&publisher=6508c17a14de310019c9e910&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=847ddd1c-55fd-4779-861f-257883a6719e

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.189.181.222 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-189-181-222.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
X-Robots-Tag: noindex, nofollow
Access-Control-Max-Age: 1728000
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://fir3.net
Date: Mon, 30 Dec 2024 17:43:50 GMT
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
aiveemtomsaix.net/5/5271460/ 4 KB
3 KB 481ms
169ms XHR
application/json 139.45.197.106
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://aiveemtomsaix.net/5/5271460/?oo=1&js_build=iclick-v1.1028.0&dmn=gekeebsirs.com&tt=2&ix=0&is_mobile=false
Requested by: Host: gekeebsirs.com
URL: https://gekeebsirs.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.106 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: f75ecb2c62db7a6b8dcf361b591de7b103b3aef94a33e71be196e95617c0acac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/json
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache, no-cache
access-control-allow-credentials: true
x-trace-id: 4cf3c57283fe943398a33e8661803353
access-control-allow-origin: https://fir3.net
server: nginx

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 547 KB
216 KB 120ms
30ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fir3.net
Referer: https://fir3.net/

Response headers

content-encoding: gzip
age: 35217
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 07:56:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 07:56:53 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220882
x-xss-protection: 0
server: sffe

GET
H2 200 / Show response
datasphere-sbsvc.sharethis.com/ 217 B
520 B 230ms
83ms XHR
application/json 18.238.49.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://datasphere-sbsvc.sharethis.com/?n=6&debug
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-110.jfk52.r.cloudfront.net
Software: /
Resource Hash: 6d10e174263f5e8b2afe46579fd13c98d2726ecf3f63381b4a6acf3901f8b395

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

cache-control: public, max-age=60
via: 1.1 145a3c1a881b9a37bb761d4b0890859a.cloudfront.net (CloudFront)
apigw-requestid: DndJmgYRIAMEadg=
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 217
x-amz-cf-id: QVHoSeE_dUBEHz_566jrTGiIuFHfaOUggEpD02y16q_gUHm0V-lhKQ==
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: application/json
x-amz-cf-pop: JFK52-P3

GET
H2 200 anchor
www.recaptcha.net/recaptcha/api2/ Frame BEF1 0
0 146ms
62ms Document
text/html 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U&co=aHR0cHM6Ly9maXIzLm5ldDo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=kkw52y2aaktm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wkmht7VI0lGBYwGefXK_Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir3.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wkmht7VI0lGBYwGefXK_Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 17:43:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 294 B
674 B 171ms
59ms Script
text/javascript 18.173.219.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Ffir3.net%2FlpuFW

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.219.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-219-25.jfk52.r.cloudfront.net

Software

Resource Hash

1e85aeab53fb3a928423fc26acfb146e4b52cd4523a1959cd0f5a57e00eb4491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=900
etag: 06f5bc798964779014ea01d3c0fbf818
age: 189
via: 1.1 7bd20765fb335de036eff4682be365d4.cloudfront.net (CloudFront)
apigw-requestid: Dk-aFgNyoAMEaWg=
x-cache: Hit from cloudfront
content-length: 294
x-amz-cf-id: De2FhDg2WDwsWMB_MnqpryENs2OZKlahiUnPUNZZYd6YsPluiFpAOQ==
date: Mon, 30 Dec 2024 17:43:50 GMT
content-type: text/javascript
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P1

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
744 B 142ms
33ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

etag: "c6e9be45643e197ce1db1d7e24a99adc"
age: 783041
x-cache: Hit from cloudfront
x-amz-cf-id: GjrBTkYMGu7cdiDDPSGmFvdjftiKFxfjm_qMtmPptyKjeHkwP5vhNA==
date: Sat, 21 Dec 2024 16:13:10 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 301
x-amz-cf-pop: EWR53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
777 B 141ms
32ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
etag: "2deb3d5121d475d195577a70b0a91a0c"
age: 234
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 368
x-amz-cf-id: c4PabIyArsn4l_cm9OlwVFYuV22g7Or_l1Q36R3UzjQ2HYed5KrosA==
date: Mon, 30 Dec 2024 17:39:57 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256

GET
H2 200 print.svg
platform-cdn.sharethis.com/img/ 384 B
807 B 140ms
32ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/print.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
etag: "f13e866e7f19263a292ab3997e01fb17"
age: 1451695
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 384
x-amz-cf-id: bGbPcoIaJSLPTu_scsc0fgneASaYoxItlk6s9gUOr6PKZ2dL9FOV9w==
date: Fri, 13 Dec 2024 22:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 139ms
31ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

etag: "2b10a062e719c64b686e2e8fcdc216dc"
age: 833184
x-cache: Hit from cloudfront
x-amz-cf-id: lkE-vQkAtGXqwqF1W64MyDUDlKISM5oMJFjpmbUwyiKBS_Ixkp_LxQ==
date: Sat, 21 Dec 2024 02:17:27 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 771
x-amz-cf-pop: EWR53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 136ms
28ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
etag: "afe7fc60ed757db39a88d2950fce69c9"
age: 1451718
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 832
x-amz-cf-id: G7AtLEPxqpwpyxqjAQgZV9EPw93qN-c5pBeCdOiYqxR1MeYOWDh_qw==
date: Fri, 13 Dec 2024 22:28:33 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
769 B 136ms
30ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
etag: "5977437466e857c7ddcadda6f6d88c2a"
age: 1451688
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 343
x-amz-cf-id: IyY6auYKxvryxOC-8mwyydAzcobAUqpHJOHkwIoV_31LIC-69n5dyw==
date: Fri, 13 Dec 2024 22:29:03 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
1009 B 61ms
57ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

etag: "b55d8d2b9321e381a3c38a4bddb74037"
age: 620978
x-cache: Hit from cloudfront
x-amz-cf-id: dJfUGPHEMnY_FIuNcrt6POc83DMra6nONXFEAXHqsJVifxjZQbPVUg==
date: Mon, 23 Dec 2024 13:14:13 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 565
x-amz-cf-pop: EWR53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
1007 B 102ms
99ms Image
image/svg+xml 2600:9000:21da:ba00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Requested by

Host: fir3.net
URL: https://fir3.net/lpuFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:ba00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

etag: "9928d025bd5792b718ee0a185f62e67c"
age: 706571
x-cache: Hit from cloudfront
x-amz-cf-id: Nco6JRY9Ryfb1-aETyeNID9rWt7Z4CctU_LOseBqdUAlZwD6G92nNQ==
date: Sun, 22 Dec 2024 13:27:40 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 565
x-amz-cf-pop: EWR53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 gid.js Show response
my.rtmark.net/ 65 B
969 B 198ms
118ms XHR
application/json 2606:4700:3030::ac43:a99d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=0081428d73c84c34f90f99975aa31940

Requested by

Host: gekeebsirs.com
URL: https://gekeebsirs.com/tag.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a99d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff0a8dba0136643d290e879c3d359d86833e08d2b91b55aca7c09b5541a301d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

access-control-expose-headers: Authorization
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NrUFvQpHtrSPWhNo9VSnCDUZhcCp38R2y9g6Y2suZefMByvqRKNNHATf0R6kucR5jMocAOg90nzGkWZKR7j%2FwdQ6QADphIedRUPA26HYPWgGH9TAqhVChkBNlkn0Dgcg4ZNNQW0UnukLW%2BLX"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20865&min_rtt=20558&rtt_var=3723&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4365&delivery_rate=599&cwnd=12000&unsent_bytes=0&cid=7522177704e815dd&ts=124&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:51 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8fa3d59f8a44c33b-EWR
access-control-allow-origin: https://fir3.net
server: cloudflare

GET
H2 200 / Show response
aiveemtomsaix.net/ 3 KB
3 KB 208ms
200ms Fetch
application/json 139.45.197.106
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://aiveemtomsaix.net/?rb=0zsIpNN21V9scvzoYEEcbXVBg5Kkl6HaH8jtL-d95IB187pClrZmbW82NgbOy-WqVQJW27upjL0_gRJznUWhdYyYMaZsWu4XB8f_yJ3KusJPRVfBxyFuRwGNiGuyfcfFk01nAh2TxxuvHZog5DqgD25MkgIjkHhUHNB51aH4BJIVGNKuHdYHdoF6jBFFEyC3GS5HUNU9IJypzWU7EF5gVKdRMUgmLKYQpfqBLEEDs6zidoftzWunzmlCxyQEavprkGHr4rAY37CfuFzv7cOy45v7MZn1WoGL09Yz9OkVMalrksqtF4pysGFzG3NWQ2Hw&request_ab2=0&zoneid=5271460&js_build=iclick-v1.1028.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=210&wy=210&cw=1600&wfc=1&pl=https%3A%2F%2Ffir3.net%2FlpuFW&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Pacific%2FHonolulu&bto=600&tt=2&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.1028.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&bs=fb9de12b-22cb-403d-ad37-abc13e8106d1&wasm=1&userId=0081428d73c84c34f90f99975aa31940&is_mobile=false&m=link

Requested by

Host: gekeebsirs.com
URL: https://gekeebsirs.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.106 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

4c918bff6071c28060630057ad81db39b73867abd60246702b74e41fc11c4eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Mon, 30 Dec 2024 17:43:51 GMT
content-type: application/json
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 7edcb590068a3a9949923278b0376c8f
access-control-allow-origin: https://fir3.net
server: nginx

GET
H3 200 favicon.ico
fir3.net/ 198 B
815 B 35ms
34ms Other
image/x-icon 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 6033234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujVRR8MW3HORzZH1cu3WCsRp2C1DUk71ITcAI0rQS9h7vpRcYqIVR4HfeMnNid5CkaBukgNBZufMmalufR%2FKnS%2BKJhGiO0rdwl6Cg98M95kkZbODBBJr2oEE4vbTH74lB4aSLlhI4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 21:49:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23490&min_rtt=20618&rtt_var=1232&sent=136&recv=70&lost=0&retrans=1&sent_bytes=130105&recv_bytes=12297&delivery_rate=1169408&cwnd=50400&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=1373&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:51 GMT
content-type: image/x-icon
last-modified: Fri, 20 Dec 2019 05:51:23 GMT
vary: User-Agent, Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d5a12d6f443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 favicon.ico
fir3.net/ 198 B
0 0ms
0ms Other
image/x-icon 2606:4700:3030::6815:5ae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fir3.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5ae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fir3.net/lpuFW

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 6033234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujVRR8MW3HORzZH1cu3WCsRp2C1DUk71ITcAI0rQS9h7vpRcYqIVR4HfeMnNid5CkaBukgNBZufMmalufR%2FKnS%2BKJhGiO0rdwl6Cg98M95kkZbODBBJr2oEE4vbTH74lB4aSLlhI4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 21:49:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23490&min_rtt=20618&rtt_var=1232&sent=136&recv=70&lost=0&retrans=1&sent_bytes=130105&recv_bytes=12297&delivery_rate=1169408&cwnd=50400&unsent_bytes=0&cid=519eb521b8bcbdc4&ts=1373&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 17:43:51 GMT
content-type: image/x-icon
last-modified: Fri, 20 Dec 2019 05:51:23 GMT
vary: User-Agent, Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa3d5a12d6f443e-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 bframe
www.recaptcha.net/recaptcha/api2/ Frame F039 0
0 43ms
42ms Document
text/html 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zAmRxD2XGTXAxgaGERxU4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir3.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zAmRxD2XGTXAxgaGERxU4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 17:43:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-21 06:25:32	Name: _GRECAPTCHA Value: 09AJNbFncLwKBOrgkI_hpVbWu1tB2to03pQgePPCLkOlcF-aVH_tvlyf9tvmLzbQJCSBt_cBRXmdRyz_rLY3vf_Ec
fir3.net/	1969-12-31 23:59:59	Name: AppSession Value: 73aa2e950d19fdd530997c1215e2793b
fir3.net/	1969-12-31 23:59:59	Name: csrfToken Value: 11b52facbf94effc3bd9e4676c31a9c29ba41e7f7e0da91da28e6ceb714e5bcd317b63cf6f597be5236db0d2146cf3d83e5d4f6adc104b3a2cb15409f416ed04
fir3.net/	1969-12-31 23:59:59	Name: ab Value: 2
aiveemtomsaix.net/	1970-01-21 10:51:56	Name: OAID Value: 0081428d73c84c34f90f99975aa31940
my.rtmark.net/	1970-01-21 10:51:56	Name: ID Value: 0081428d73c84c34f90f99975aa31940
fir3.net/	1970-01-21 02:06:20	Name: prefetchAd_5271460 Value: true
aiveemtomsaix.net/	1970-01-21 10:51:56	Name: oaidts Value: 1735580631
aiveemtomsaix.net/	1970-01-21 02:16:25	Name: syncedCookie Value: true

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://fir3.net/lpuFW Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F0B015E4040000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
aiveemtomsaix.net
blog.encurta.net
buttons-config.sharethis.com
count-server.sharethis.com
datasphere-sbsvc.sharethis.com
fir3.net
fonts.googleapis.com
fonts.gstatic.com
gekeebsirs.com
l.sharethis.com
my.rtmark.net
platform-api.sharethis.com
platform-cdn.sharethis.com
www.gstatic.com
www.recaptcha.net
104.21.5.227
13.249.91.20
139.45.197.106
18.173.219.25
18.189.181.222
18.238.49.110
2600:9000:21da:ba00:1d:85c3:6640:93a1
2600:9000:266a:8600:c:abe:f440:93a1
2606:4700:3030::6815:1b49
2606:4700:3030::6815:5ae7
2606:4700:3030::ac43:a99d
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:822::2003
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1e85aeab53fb3a928423fc26acfb146e4b52cd4523a1959cd0f5a57e00eb4491
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
3bba0a18a31057789bd2a52c163cc83be2c43f8956461506969579af2d57cafa
49f2536799fe69214edf8a7e469c6d7124307a4e4e913651469a247c7244e81f
4b5419da69b46c79af03f015c77aa26599869034c95ce63b2a4b8f3975b2593a
4bdaee4307fd2ad79788f19bf761cb943565be43b8641c98ab92ae96e795ee92
4c918bff6071c28060630057ad81db39b73867abd60246702b74e41fc11c4eaa
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
5ff99c8663dee672c50e45adde3f720287b82906a17f6a7721457c1c6eca0bed
63aecc1fcc3b836462906c0f57ea36a4f7391c6af6260481dc6b4fae3047b2b5
6a67b1809a10680da524de5b59e10ec07e187e7f41db360f2758b3bf2db7d766
6d10e174263f5e8b2afe46579fd13c98d2726ecf3f63381b4a6acf3901f8b395
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
760821f2acf6074d4d5198ee78f1ad94c529f1a928d0dc7f0a95e055d9576598
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
7a67b6c4dba7eceb6504af73c37a21b1d92a86f7331c85d7024ba36fcaff6236
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
d87a6dc22cd0022b94a9f09959bd8fead41f7f264ce0fca5f52b33ecaa1a4e04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e998ea42306cdbaca43e5fbc23a2ca1631d41664c57f60ebaed459d3487451
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f567082b85926b63970e9be76dfc7cad668db611f0b2d07df9d3419fa768b579
f75ecb2c62db7a6b8dcf361b591de7b103b3aef94a33e71be196e95617c0acac
f8f7883a3de9397521d2e218ee6ceb6b48ab58a17bb90f10171c75d5e92b5b78
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
ff0a8dba0136643d290e879c3d359d86833e08d2b91b55aca7c09b5541a301d6

fir3.net Open in urlscan Pro 2606:4700:3030::6815:5ae7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

60 %IPv6

10 Domains

16 Subdomains

15 IPs

3 Countries

488 kBTransfer

1372 kBSize

9 Cookies

6 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fir3.net Open in urlscan Pro
2606:4700:3030::6815:5ae7 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

488 kB
Transfer

1372 kB
Size

9
Cookies

41 HTTP transactions
0 data transactions