www.bing.com Open in urlscan Pro
204.79.197.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://recruiteasegithub.com/
Effective URL:
https://www.bing.com/news
Submission Tags: falconsandbox
Submission: On December 12 via api (December 12th 2024, 11:27:38 am UTC) from US — Scanned from US

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 113 HTTP transactions. The main IP is 204.79.197.237, located in and belongs to . The main domain is www.bing.com.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on September 16th 2024. Valid for: 6 months.

This is the only time www.bing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	96.126.123.244 96.126.123.244	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 2	54.82.7.206 54.82.7.206	14618 (AMAZON-AES) (AMAZON-AES)
1 1	147.182.253.216 147.182.253.216	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	172.67.186.42 172.67.186.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	104.21.19.248 104.21.19.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
20	172.67.190.135 172.67.190.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	204.79.197.237 204.79.197.237	() ()
8	23.73.207.8 23.73.207.8	() ()
113	8

2 96.126.123.244 (Richardson, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li372-244.members.linode.com

recruiteasegithub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.7.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-7-206.compute-1.amazonaws.com

ernus-dop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.182.253.216 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

main.proffering.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.186.42 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qwfuu.altaircastor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 104.21.19.248 (None, )

ASN13335 (CLOUDFLARENET, US)

qwfuu.topads-site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.111.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.67.190.135 (United States)

ASN13335 (CLOUDFLARENET, US)

ea.topads-site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 204.79.197.237 (None, )

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.73.207.8 (None, )

ASN- ()

r.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	topads-site.com qwfuu.topads-site.com ea.topads-site.com	807 KB
30	bing.com www.bing.com r.bing.com	300 KB
4	gstatic.com www.gstatic.com	19 KB
2	ernus-dop.com 1 redirects ernus-dop.com	4 KB
2	recruiteasegithub.com 1 redirects recruiteasegithub.com	1 KB
1	altaircastor.com 1 redirects qwfuu.altaircastor.com	1 KB
1	proffering.xyz 1 redirects main.proffering.xyz	713 B
0	clarity.ms Failed www.clarity.ms Failed
0	msn.com Failed ads.msn.com Failed
113	9

	Domain	Requested by
47	qwfuu.topads-site.com	ernus-dop.com qwfuu.topads-site.com
22	www.bing.com	ea.topads-site.com www.bing.com
20	ea.topads-site.com	qwfuu.topads-site.com ea.topads-site.com
8	r.bing.com	www.bing.com
4	www.gstatic.com	qwfuu.topads-site.com
2	ernus-dop.com	1 redirects recruiteasegithub.com
2	recruiteasegithub.com	1 redirects
1	qwfuu.altaircastor.com	1 redirects
1	main.proffering.xyz	1 redirects
0	www.clarity.ms Failed	www.bing.com
0	ads.msn.com Failed	www.bing.com
113	11

This site contains no links.

Subject Issuer	Validity	Valid
recruiteasegithub.com R11	`2024-12-12` - `2025-03-12`	3 months	crt.sh
ernus-dop.com Amazon RSA 2048 M02	`2024-11-22` - `2025-12-22`	a year	crt.sh
topads-site.com WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 04	`2024-06-24` - `2025-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bing.com/news
Frame ID: 0809B49EDC80929013B5F2A6A1EFEEE8
Requests: 139 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://recruiteasegithub.com/ Page URL
https://recruiteasegithub.com/?gp=1&js=1&uuid=1734002848.0023769889&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjo... HTTP 302
https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a7... Page URL
https://ernus-dop.com/zclkredirect?visitid=123f2b82-b87c-11ef-9c33-0affca48d617&type=js&browserWid... HTTP 302
https://main.proffering.xyz/15GUIL?zoneid=erythraean-weasel&campaignid=2471437&target=quebec-day-1lmowp5... HTTP 302
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=83085908d2e17c... HTTP 302
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82d... Page URL
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82d... Page URL
https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82d... Page URL
https://www.bing.com/news Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Page Statistics

113
Requests

91 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

8
IPs

2
Countries

1130 kB
Transfer

2330 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://recruiteasegithub.com/ Page URL
https://recruiteasegithub.com/?gp=1&js=1&uuid=1734002848.0023769889&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381 Page URL
https://ernus-dop.com/zclkredirect?visitid=123f2b82-b87c-11ef-9c33-0affca48d617&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://main.proffering.xyz/15GUIL?zoneid=erythraean-weasel&campaignid=2471437&target=quebec-day-1lmowp53zd&cost=0.001300&external_id=NON-ADULT HTTP 302
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212 HTTP 302
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151 Page URL
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151 Page URL
https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151 Page URL
https://www.bing.com/news Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://recruiteasegithub.com/?gp=1&js=1&uuid=1734002848.0023769889&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381

Request Chain 2

https://ernus-dop.com/zclkredirect?visitid=123f2b82-b87c-11ef-9c33-0affca48d617&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://main.proffering.xyz/15GUIL?zoneid=erythraean-weasel&campaignid=2471437&target=quebec-day-1lmowp53zd&cost=0.001300&external_id=NON-ADULT HTTP 302
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212 HTTP 302
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

113 HTTP transactions
27 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
recruiteasegithub.com/ 1011 B
756 B 1014ms
182ms Document
text/html 96.126.123.244
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://recruiteasegithub.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 96.126.123.244 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li372-244.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash: a6e0450ca5ec912352d6c99c13658c16879e002a10f8dbfb49ab0e8b5d5a10c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 12 Dec 2024 11:27:28 GMT
server: openresty/1.13.6.1
transfer-encoding: chunked

GET
H2

200

f8472a30-a5e5-11ec-9226-0a76dcc61f13 Show response
ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/
Redirect Chain

https://recruiteasegithub.com/?gp=1&js=1&uuid=1734002848.0023769889&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaW...
https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381

3 KB
3 KB

222ms
45ms

Document
text/html

54.82.7.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381

Requested by

Host: recruiteasegithub.com
URL: https://recruiteasegithub.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.7.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-7-206.compute-1.amazonaws.com

Software

Resource Hash

8f12b9c5d41f11b0254d36cb7bb4a0ec2f0bd98bf36629fdea15df5ac6fa1fc4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://recruiteasegithub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Thu, 12 Dec 2024 11:27:29 GMT

Redirect headers

content-language: en
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 11:27:29 GMT
location: https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381
referrer-policy: no-referrer
server: openresty/1.13.6.1
vary: Accept-Language

GET
H2

200

/ Show response
qwfuu.topads-site.com/fdze4mod1i/
Redirect Chain

https://ernus-dop.com/zclkredirect?visitid=123f2b82-b87c-11ef-9c33-0affca48d617&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://main.proffering.xyz/15GUIL?zoneid=erythraean-weasel&campaignid=2471437&target=quebec-day-1lmowp53zd&cost=0.001300&external_id=NON-ADULT
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=...

60 KB
17 KB

376ms
256ms

Document
text/html

104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Requested by: Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e

Request headers

Referer: https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0d5d9fdd1e42e4-EWR
content-encoding: zstd
content-type: text/html
date: Thu, 12 Dec 2024 11:27:32 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ru0HaBXSb9wYfm0bOPDsMzN6MfyqBH5rOW3MsCqCzKfytbuQh71XJtVvBcHXEjCkORVUtthHEHjmELvesbi0Y1mSQGM%2FJwIKgrw82tn2bRZzlZqIVAnywPoyOycnsiCYSKIU%2F0Alezc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=8745&min_rtt=8659&rtt_var=2501&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2521&delivery_rate=505832&cwnd=253&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=250&x=0"

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f0d5d9db9c041ff-EWR
content-length: 0
date: Thu, 12 Dec 2024 11:27:31 GMT
location: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06X0YToOFQiab6DAXVYHx9Oxlqfv9tZLmu%2BzrjCCYGncUqYfHnijHp%2FdDPvwZ3kEEjS240lrFFfhk60WtM07jsoQZZvJxfKZWqeuVb6ZI5KBbn9EKis2ydViriKW9IkHn83qxzy4jh5i"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=27302&min_rtt=26759&rtt_var=5034&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4254&recv_bytes=4572&delivery_rate=537&cwnd=12000&unsent_bytes=0&cid=6a3c93d907e267d5&ts=214&x=1" cfExtPri cfHdrFlush;dur=0

GET
H2 200 main.js Show response
qwfuu.topads-site.com/fdze4mod1i/assets/ 7 KB
3 KB 45ms
42ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/main.js
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1d62"
age: 7063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uj%2FYBT%2F7kfOvZwDj%2Bkbz9LFGTpgOxs%2FsXT9BUhGgQYXLHVNXUSf2mlaDUwu9JylKwnZ0RMKi%2F7f23YMhx0dSvDkRt8dnIkQc5wNw6Tu9DbqScHjHYELXpQpe9lYVm7yD4K9QMpVVWh8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da29f6842e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8750&min_rtt=8659&rtt_var=815&sent=28&recv=14&lost=0&retrans=0&sent_bytes=25800&recv_bytes=3105&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=489&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style.css
qwfuu.topads-site.com/fdze4mod1i/assets/ 22 KB
4 KB 37ms
35ms Stylesheet
text/css 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/style.css
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6747379a-58e5"
age: 7063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCocAE7L4ZEE3zLut3PVDd81%2FonFct9IKtH3mRPl3UCRg%2BmtwRon0K4uGpbm3sHy9PMttoL0BHd2n5PPjZAxYyylD4RKxDUdbxNeAZq9tEzULP9w5xx31tcQnffxz1bAQuwgamWMwlA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da28f5a42e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8750&min_rtt=8659&rtt_var=815&sent=22&recv=13&lost=0&retrans=0&sent_bytes=21567&recv_bytes=2809&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=481&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 thumb-big.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 81 KB
81 KB 45ms
44ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/thumb-big.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-142bf"
age: 7062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnW3QHNGMqfhtrrRK%2FhYedRPgZyF12cT2KbW8lb%2BZ9Zph4eww8022ewBmW4DnAKz9Gx4go9h6PlnieL25LBj%2BV%2FU0%2BABFFfNMBfyXX6rVs0OjrJ5TARybr7WqVBfZ9p4XNPITZ%2F7pco%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8747&min_rtt=8636&rtt_var=616&sent=33&recv=15&lost=0&retrans=0&sent_bytes=29462&recv_bytes=3105&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=490&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da29f6a42e4-EWR
accept-ranges: bytes
content-length: 82623
server: cloudflare

GET
H2 200 terms.js Show response
qwfuu.topads-site.com/shared-js/assets/ 15 KB
5 KB 62ms
62ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/terms.js?v=3
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"67475928-3c54"
age: 7080
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Tbncp41g8r1dRNTDIba54%2F3W%2F2pFyTCMn0pahhgqEhISzZRIBgWR3%2BDHt0oT%2FY2UEGypn1E3pxlPLTUyhGi8%2F5Nz8WDfYlbgTfjmeuwho%2FchMRvp7V8d3HwZMEUOs1JL5BisjS7TfU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da29f6b42e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8747&min_rtt=8636&rtt_var=616&sent=95&recv=15&lost=0&retrans=0&sent_bytes=113371&recv_bytes=3105&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=492&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 17:38:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 static-pl.js Show response
qwfuu.topads-site.com/shared-js/assets/ 5 KB
2 KB 42ms
42ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1261"
age: 7019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3%2BH5MLKwAUveTD%2FjnOyNeOxD9Ki%2BXmVmOUZsUw%2FHPhoW6uv6cAZWBeGngIt15mBdqSWWsS156orR1NHcZdmQsEBAJzPPXVjV1qU0T%2FWjFFAH45NDaLR8CnCcKbvaj3HwdTUPXWoJdA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da2dfab42e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8904&min_rtt=8630&rtt_var=298&sent=101&recv=32&lost=0&retrans=0&sent_bytes=118942&recv_bytes=3180&delivery_rate=10487284&cwnd=287&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=529&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 /
qwfuu.topads-site.com/fdze4mod1i/ 60 KB
60 KB 0ms
0ms Image
text/html 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ru0HaBXSb9wYfm0bOPDsMzN6MfyqBH5rOW3MsCqCzKfytbuQh71XJtVvBcHXEjCkORVUtthHEHjmELvesbi0Y1mSQGM%2FJwIKgrw82tn2bRZzlZqIVAnywPoyOycnsiCYSKIU%2F0Alezc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5d9fdd1e42e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8745&min_rtt=8659&rtt_var=2501&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2521&delivery_rate=505832&cwnd=253&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=250&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: text/html
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
server: cloudflare

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 ps.js Show response
qwfuu.topads-site.com/ps/ 36 KB
15 KB 349ms
348ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af744c0b109bdc2152dc85939ba17b05c44ac4774fbbc19fb936551ca022371f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3uBPJkM2tkpowm75SUeMpUfKskbw%2F5BrwCCLmuChDSx2TF7%2F8MLVfJ4tXtHqMNivQDxqeI5iWSJElR6nR6HjAMlMS01%2Bup7rkthn%2F5KDEd%2BzojfL1Se5enrrXdIW961vF0yJfvTjrM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da329275e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38404&min_rtt=26165&rtt_var=14492&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4308&recv_bytes=4714&delivery_rate=357&cwnd=12000&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=377&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 config.js Show response
qwfuu.topads-site.com/ps/ 364 B
987 B 160ms
159ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3K6uAoR%2FF9j1nwgOSM3HUpYJlzD%2BF2lHxinV3iAdmFpvJ0coPsjLjD%2F7wejmE7ovBmTZvupG%2BSC0hgdLhk6SE%2BqTkxcvMCzCbyWrn8I%2BoYA78MmbZ0wAxtfTuAk7AOJNYMrxpeu61ME%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da58b185e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=560&x=1", cfExtPri, cfHdrFlush;dur=8
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 rec-1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 53ms
51ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-1.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=plGRR5%2BuzF2YKXscBgGhEDHX4R9Y5ybT0Ti4YPSljGiPS1WrugoLcPcoi6P4MFh3KZD5C0yp5oJZZs8XoMeScWZVJv749phLm54day6hlyxLc4Eg%2Bm6B7OEXdEWlE5d%2BCaoL73HmVg0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=37&recv=31&lost=0&retrans=0&sent_bytes=20596&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=526&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bf15e74-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 rec-2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
11 KB 84ms
81ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-2.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2a8a"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6EN5hjurNMuV27EystXeUgoU3bwFSPNoUpopy1pYcBP3dAtitmciw7sqKWDRSgktxnoLYzCZAxGcLjdTvHTT3BUQOc8OJpUJfzA1suzh8GVQnfFnRVMGh6%2BAT0XkXd2uQs1QK73I5Y%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=531&x=1", cfExtPri, cfHdrFlush;dur=37
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bf55e74-EWR
accept-ranges: bytes
content-length: 10890
server: cloudflare

GET
H3 200 rec-3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 15 KB
16 KB 86ms
83ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-3.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3b71"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=epsNDDwfGor1I22MvgQwXdmUZV7cGYdF8VdruiFZ6kUErN%2Fx2%2FpcgT6Q6F7FdGDfLmVhfaF%2FaRKJgG3S3YzCVA8UEGO1tYnG4xW5YqJ3kQHc6dwJEbqAd243DTr0Pxqbc0p815jFLro%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=527&x=1", cfExtPri, cfHdrFlush;dur=42
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bf85e74-EWR
accept-ranges: bytes
content-length: 15217
server: cloudflare

GET
H3 200 rec-4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 9 KB
9 KB 88ms
85ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-4.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-22c4"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=750wyO5%2F9b43nGmALXGAs%2B4qniIi47idAs4ePASMdYX4DyAPMbv1Bu3XuQINRGhEwmjxEYrC%2BonWc3wu7iZXPJny8YVaa5bbSkSPoRtEBARzgG0QFqnrSNi2G2cKsB4M76YA%2FTAktAM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=529&x=1", cfExtPri, cfHdrFlush;dur=41
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bfb5e74-EWR
accept-ranges: bytes
content-length: 8900
server: cloudflare

GET
H3 200 rec-5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 87ms
84ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-5.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-335d"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kYqm6Ju9mlKwzhRTQbIsY%2BLLooHVvh%2FRBnF%2BTHQTj462qYdUZgeEkrrntuMn02K45U%2FsKsVTQCSsAYtDE7xGBRTaIw8EBurlRRePse4gZxFgZxKurlpgCAj3ryO63qNLO3K6P6hiIac%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=528&x=1", cfExtPri, cfHdrFlush;dur=42
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bfc5e74-EWR
accept-ranges: bytes
content-length: 13149
server: cloudflare

GET
H3 200 rec-6.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 16 KB
16 KB 87ms
85ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-6.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3e74"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDW7dhWgMbevfyDGMEDsSlYkNldAZsCrt2Nb1usS9r695ImyL%2FmHJ2dGClipxb7t7iK5YQBir9qLnlV8hCbcRD1BgfqXjQsttmEO6DB0E028%2FcIl8FvbCWjFB1gjGd5JPZKK88JSRAs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=530&x=1", cfExtPri, cfHdrFlush;dur=41
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bfe5e74-EWR
accept-ranges: bytes
content-length: 15988
server: cloudflare

GET
H3 200 rec-7.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
14 KB 89ms
86ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-7.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-368b"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31NwjB2w39l1iIndYSvZJxawkN4iaO1k6TzVymyocu65fHNTKEEYfFJzKUR%2FkmJEC8CF8UAsj4Agl9jybwsxKdNiNA2OdNqVB2l7cBI2SIzbl3C7X50C3d3m3J3GcVl07m1D0x2qGaY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=530&x=1", cfExtPri, cfHdrFlush;dur=41
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bff5e74-EWR
accept-ranges: bytes
content-length: 13963
server: cloudflare

GET
H3 200 rec-8.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
13 KB 108ms
106ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-8.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-32c0"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86poPaXTn2QezywlWc%2BvcirboWrZ9qOv8wwZM0CFsJK%2F3JyFjOD5EpJhtV1OcqU8ZnTAxSYrpgmxVwZzJ5zsErQHtdWVmT%2Ff6MNYDJdSInLlJf5LQWjoL%2Bbyh9OIeIZymfw%2Fg4Irkjw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=530&x=1", cfExtPri, cfHdrFlush;dur=66
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c005e74-EWR
accept-ranges: bytes
content-length: 12992
server: cloudflare

GET
H3 200 1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 109ms
107ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/1.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbG8rLVqYhin%2BweIR6KwEcfW30KLy1kUHDlp0mPOZKDGMMnO7Hr%2FDgCBTF%2F1L4wf8jo47QCXDB6vNOp0QPRsMZvxT0xzkUV%2BUQp0T6wjB6f7SbYcrbHT3GJR%2F4mbTSLdwFWGz4UXbRA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=531&x=1", cfExtPri, cfHdrFlush;dur=68
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c015e74-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 21 KB
21 KB 110ms
108ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/2.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-5305"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1GCOcsrlYh7PQ3C6qll2ZwEdG6LOX%2Bky1QTUslW6wW%2FkoumhLRQmF2F%2BlPrOKO5XF8EdE0Rr73ZghtNljcjUwWc7yq%2Fj%2F3%2BUWv7saQHVEWHm6lKBIUackonvlk7DkRt6qvprNQrKJ8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=534&x=1", cfExtPri, cfHdrFlush;dur=66
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c025e74-EWR
accept-ranges: bytes
content-length: 21253
server: cloudflare

GET
H3 200 3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
12 KB 120ms
118ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/3.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2b56"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7b6GkIxFn4qk4QJ4skTJE5DpQD5itwCBKN8lvEbuLDkgRxJAy3rwRluUv%2BMuKn0NLK5ZvRNxa1aLAMjak4eb%2FChcvt2DEywcBfOtQhfsdj4quzZedm34As8%2FHCKxkMlzsD1sjjo7YM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=534&x=1", cfExtPri, cfHdrFlush;dur=67
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c035e74-EWR
accept-ranges: bytes
content-length: 11094
server: cloudflare

GET
H3 200 4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 120ms
118ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/4.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-352b"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ue1qXoUrmdEZF%2F%2FQTfUzfsLrNGIc%2BVmUrHidAj2ZrdvjWFgoHAAu7Va0tmJrI9z8XN%2FctznFKEMlZ3JrvW3vEDC10%2FWdAAtXs1KhufvGQFLfhT1GOH3gWDTGBR7tUL%2B6EosbWEI5OWY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=532&x=1", cfExtPri, cfHdrFlush;dur=70
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c045e74-EWR
accept-ranges: bytes
content-length: 13611
server: cloudflare

GET
H3 200 5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
12 KB 121ms
119ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/5.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2dc1"
age: 6992
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yM%2FEiVFdzguHWEOCOQbskEm8p0ncwrLXJmyA0SoWYhJ16ZwDRXdl%2BCM4FhMOVVMvxh%2Ba2MwKpkjLv74NjdQBxOfusWZC5mvCYQJuQOzhz%2BtSCEnI4kJLYPHG59XX7I%2BM0hBwpaTkSDg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=540&x=1", cfExtPri, cfHdrFlush;dur=62
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c075e74-EWR
accept-ranges: bytes
content-length: 11713
server: cloudflare

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 28 KB
10 KB 448ms
44ms Script
text/javascript 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

Requested by

Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 454194
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 05:17:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 05:17:39 GMT
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9308
x-xss-protection: 0
server: sffe

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 37 KB
10 KB 39ms
38ms Script
text/javascript 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 480384
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 22:01:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 22:01:09 GMT
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9934
x-xss-protection: 0
server: sffe

GET
H3 204 favicon.ico
qwfuu.topads-site.com/ 0
639 B 36ms
35ms Other
text/plain 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 7019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYN1DbMDnnV61FeD%2FzqkQhM4tB02kO52cxRnzPvSROEVENK79YiTa5XoY3rCGnXZEkm%2BZIZSv5R9SOzaO99bwYEySOU80WelVvRTAnpqpVvLLDsfp%2F%2Bj1ClhM7IGlEpgK7%2BuFk7n8CY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da9bf825e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42142&min_rtt=26165&rtt_var=5888&sent=245&recv=83&lost=0&retrans=0&sent_bytes=213166&recv_bytes=15782&delivery_rate=2493229&cwnd=101400&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=1121&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 204 favicon.ico
qwfuu.topads-site.com/ 0
0 0ms
0ms Other
text/plain 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 7019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYN1DbMDnnV61FeD%2FzqkQhM4tB02kO52cxRnzPvSROEVENK79YiTa5XoY3rCGnXZEkm%2BZIZSv5R9SOzaO99bwYEySOU80WelVvRTAnpqpVvLLDsfp%2F%2Bj1ClhM7IGlEpgK7%2BuFk7n8CY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da9bf825e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42142&min_rtt=26165&rtt_var=5888&sent=245&recv=83&lost=0&retrans=0&sent_bytes=213166&recv_bytes=15782&delivery_rate=2493229&cwnd=101400&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=1121&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2 200 / Show response
qwfuu.topads-site.com/fdze4mod1i/ 60 KB
648 B 137ms
137ms Document
text/html 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e

Request headers

Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0d5db37f5e5e74-EWR
content-encoding: zstd
content-type: text/html
date: Thu, 12 Dec 2024 11:27:35 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpqnCJXjeTSkVoYKpmfLEaAdNfu3I8ZWVHGOeL9lfWYGZuAuqCtB9Ib%2F5hDfzevZ9h9NqcjXpjqNGxmD6%2FOTa7mvL%2FWmF7giArMBsbWPNyyA%2B4Yj5sWyNQ8jFf%2BnkeLENZJm72VzgIY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=40449&min_rtt=26165&rtt_var=7803&sent=249&recv=85&lost=0&retrans=0&sent_bytes=215584&recv_bytes=16593&delivery_rate=59313&cwnd=101400&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=2780&x=1" cfExtPri cfHdrFlush;dur=0

GET
H2 200 main.js Show response
qwfuu.topads-site.com/fdze4mod1i/assets/ 7 KB
0 1ms
1ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/main.js
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1d62"
age: 7063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uj%2FYBT%2F7kfOvZwDj%2Bkbz9LFGTpgOxs%2FsXT9BUhGgQYXLHVNXUSf2mlaDUwu9JylKwnZ0RMKi%2F7f23YMhx0dSvDkRt8dnIkQc5wNw6Tu9DbqScHjHYELXpQpe9lYVm7yD4K9QMpVVWh8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da29f6842e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8750&min_rtt=8659&rtt_var=815&sent=28&recv=14&lost=0&retrans=0&sent_bytes=25800&recv_bytes=3105&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=489&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style.css
qwfuu.topads-site.com/fdze4mod1i/assets/ 22 KB
0 2ms
2ms Stylesheet
text/css 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/style.css
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6747379a-58e5"
age: 7063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCocAE7L4ZEE3zLut3PVDd81%2FonFct9IKtH3mRPl3UCRg%2BmtwRon0K4uGpbm3sHy9PMttoL0BHd2n5PPjZAxYyylD4RKxDUdbxNeAZq9tEzULP9w5xx31tcQnffxz1bAQuwgamWMwlA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da28f5a42e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8750&min_rtt=8659&rtt_var=815&sent=22&recv=13&lost=0&retrans=0&sent_bytes=21567&recv_bytes=2809&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=481&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 thumb-big.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 81 KB
0 2ms
2ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/thumb-big.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-142bf"
age: 7062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnW3QHNGMqfhtrrRK%2FhYedRPgZyF12cT2KbW8lb%2BZ9Zph4eww8022ewBmW4DnAKz9Gx4go9h6PlnieL25LBj%2BV%2FU0%2BABFFfNMBfyXX6rVs0OjrJ5TARybr7WqVBfZ9p4XNPITZ%2F7pco%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8747&min_rtt=8636&rtt_var=616&sent=33&recv=15&lost=0&retrans=0&sent_bytes=29462&recv_bytes=3105&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=490&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da29f6a42e4-EWR
accept-ranges: bytes
content-length: 82623
server: cloudflare

GET
H2 200 terms.js Show response
qwfuu.topads-site.com/shared-js/assets/ 15 KB
0 3ms
2ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/terms.js?v=3
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"67475928-3c54"
age: 7080
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Tbncp41g8r1dRNTDIba54%2F3W%2F2pFyTCMn0pahhgqEhISzZRIBgWR3%2BDHt0oT%2FY2UEGypn1E3pxlPLTUyhGi8%2F5Nz8WDfYlbgTfjmeuwho%2FchMRvp7V8d3HwZMEUOs1JL5BisjS7TfU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da29f6b42e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8747&min_rtt=8636&rtt_var=616&sent=95&recv=15&lost=0&retrans=0&sent_bytes=113371&recv_bytes=3105&delivery_rate=1654390&cwnd=257&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=492&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 17:38:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 static-pl.js Show response
qwfuu.topads-site.com/shared-js/assets/ 5 KB
0 0ms
0ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1261"
age: 7019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3%2BH5MLKwAUveTD%2FjnOyNeOxD9Ki%2BXmVmOUZsUw%2FHPhoW6uv6cAZWBeGngIt15mBdqSWWsS156orR1NHcZdmQsEBAJzPPXVjV1qU0T%2FWjFFAH45NDaLR8CnCcKbvaj3HwdTUPXWoJdA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da2dfab42e4-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8904&min_rtt=8630&rtt_var=298&sent=101&recv=32&lost=0&retrans=0&sent_bytes=118942&recv_bytes=3180&delivery_rate=10487284&cwnd=287&unsent_bytes=0&cid=34d0c65d4c8a296a&ts=529&x=0"
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 /
qwfuu.topads-site.com/fdze4mod1i/ 60 KB
60 KB 0ms
0ms Image
text/html 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpqnCJXjeTSkVoYKpmfLEaAdNfu3I8ZWVHGOeL9lfWYGZuAuqCtB9Ib%2F5hDfzevZ9h9NqcjXpjqNGxmD6%2FOTa7mvL%2FWmF7giArMBsbWPNyyA%2B4Yj5sWyNQ8jFf%2BnkeLENZJm72VzgIY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5db37f5e5e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40449&min_rtt=26165&rtt_var=7803&sent=249&recv=85&lost=0&retrans=0&sent_bytes=215584&recv_bytes=16593&delivery_rate=59313&cwnd=101400&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=2780&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:35 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
content-type: text/html
server: cloudflare
priority: u=0,i

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 ps.js Show response
qwfuu.topads-site.com/ps/ 36 KB
15 KB 247ms
246ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e49d7515621ec468b306acccd36598c3bc072e4335841d4a30b1755a511c9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cOVJsDZouHjfdKybshURAGdii2u1Gd1uko4MQP1aSFcOmH1vWaEWsQA%2Bzb0g%2Bi7YFQj9sqF99YuISAW8yleWNDtEvRXYTk5b3W0CzWWm%2B9Y3Jgh4h4v164ymwvr3lNQ4eTWA5Gp278%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5db4c8545e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39251&min_rtt=26165&rtt_var=8247&sent=251&recv=87&lost=0&retrans=0&sent_bytes=216281&recv_bytes=17282&delivery_rate=4753&cwnd=101400&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=3096&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:35 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 config.js Show response
qwfuu.topads-site.com/ps/ 364 B
989 B 149ms
149ms Script
application/javascript 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ls1Wf0HL%2FoH5Ry5LYU2FfOL7Ck7SRVjUAfJblmquf2KyvBpzCuWGoBDxbef1WVNJ6hV6aUazh%2BBU6yHUAo%2BXEjXo%2Bm%2BZ5CenPdO34hGdfTThSZ1Z5vSSl53EqPzRbrhXtv9wjC4JUH0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5db6599b5e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37568&min_rtt=26165&rtt_var=7522&sent=266&recv=90&lost=0&retrans=0&sent_bytes=232250&recv_bytes=17850&delivery_rate=63812&cwnd=101400&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=3255&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:35 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 28 KB
0 0ms
0ms Script
text/javascript 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 454194
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 05:17:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 05:17:39 GMT
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9308
x-xss-protection: 0
server: sffe

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 37 KB
0 0ms
0ms Script
text/javascript 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 480384
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 22:01:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 22:01:09 GMT
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9934
x-xss-protection: 0
server: sffe

GET
H3 204 favicon.ico
qwfuu.topads-site.com/ 0
0 0ms
0ms Other
text/plain 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 7019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYN1DbMDnnV61FeD%2FzqkQhM4tB02kO52cxRnzPvSROEVENK79YiTa5XoY3rCGnXZEkm%2BZIZSv5R9SOzaO99bwYEySOU80WelVvRTAnpqpVvLLDsfp%2F%2Bj1ClhM7IGlEpgK7%2BuFk7n8CY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5da9bf825e74-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42142&min_rtt=26165&rtt_var=5888&sent=245&recv=83&lost=0&retrans=0&sent_bytes=213166&recv_bytes=15782&delivery_rate=2493229&cwnd=101400&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=1121&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 / Show response
ea.topads-site.com/fdze4mod1i/ 60 KB
17 KB 586ms
245ms Document
text/html 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e

Request headers

Referer: https://qwfuu.topads-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0d5db9bb2cc463-EWR
content-encoding: zstd
content-type: text/html
date: Thu, 12 Dec 2024 11:27:36 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqmyELQVYxIITrJ9MhAXvxBG0yPAvRoTHaDwRGintSVlhqwJSgPK7iBU9qpA%2F9CrvhfVdXGkFgT7lY9GTUaaTCL9ATHoDMNgh7cN%2FVksE9HN7EvsFnAPWnd3l%2Fhsw4wjxE3nHWg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=30730&min_rtt=27537&rtt_var=10332&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4308&recv_bytes=4654&delivery_rate=547&cwnd=12000&unsent_bytes=0&cid=9592694dfb9350e9&ts=251&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 200 rec-1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
0 1ms
1ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=plGRR5%2BuzF2YKXscBgGhEDHX4R9Y5ybT0Ti4YPSljGiPS1WrugoLcPcoi6P4MFh3KZD5C0yp5oJZZs8XoMeScWZVJv749phLm54day6hlyxLc4Eg%2Bm6B7OEXdEWlE5d%2BCaoL73HmVg0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=37&recv=31&lost=0&retrans=0&sent_bytes=20596&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=526&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bf15e74-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 rec-2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
0 3ms
3ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2a8a"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6EN5hjurNMuV27EystXeUgoU3bwFSPNoUpopy1pYcBP3dAtitmciw7sqKWDRSgktxnoLYzCZAxGcLjdTvHTT3BUQOc8OJpUJfzA1suzh8GVQnfFnRVMGh6%2BAT0XkXd2uQs1QK73I5Y%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=531&x=1", cfExtPri, cfHdrFlush;dur=37
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bf55e74-EWR
accept-ranges: bytes
content-length: 10890
server: cloudflare

GET
H3 200 rec-3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 15 KB
0 4ms
4ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3b71"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=epsNDDwfGor1I22MvgQwXdmUZV7cGYdF8VdruiFZ6kUErN%2Fx2%2FpcgT6Q6F7FdGDfLmVhfaF%2FaRKJgG3S3YzCVA8UEGO1tYnG4xW5YqJ3kQHc6dwJEbqAd243DTr0Pxqbc0p815jFLro%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=527&x=1", cfExtPri, cfHdrFlush;dur=42
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bf85e74-EWR
accept-ranges: bytes
content-length: 15217
server: cloudflare

GET
H3 200 rec-4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 9 KB
0 5ms
5ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-22c4"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=750wyO5%2F9b43nGmALXGAs%2B4qniIi47idAs4ePASMdYX4DyAPMbv1Bu3XuQINRGhEwmjxEYrC%2BonWc3wu7iZXPJny8YVaa5bbSkSPoRtEBARzgG0QFqnrSNi2G2cKsB4M76YA%2FTAktAM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=529&x=1", cfExtPri, cfHdrFlush;dur=41
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bfb5e74-EWR
accept-ranges: bytes
content-length: 8900
server: cloudflare

GET
H3 200 rec-5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
0 5ms
5ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-335d"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kYqm6Ju9mlKwzhRTQbIsY%2BLLooHVvh%2FRBnF%2BTHQTj462qYdUZgeEkrrntuMn02K45U%2FsKsVTQCSsAYtDE7xGBRTaIw8EBurlRRePse4gZxFgZxKurlpgCAj3ryO63qNLO3K6P6hiIac%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=528&x=1", cfExtPri, cfHdrFlush;dur=42
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bfc5e74-EWR
accept-ranges: bytes
content-length: 13149
server: cloudflare

GET
H3 200 rec-6.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 16 KB
0 5ms
4ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-6.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3e74"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDW7dhWgMbevfyDGMEDsSlYkNldAZsCrt2Nb1usS9r695ImyL%2FmHJ2dGClipxb7t7iK5YQBir9qLnlV8hCbcRD1BgfqXjQsttmEO6DB0E028%2FcIl8FvbCWjFB1gjGd5JPZKK88JSRAs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=530&x=1", cfExtPri, cfHdrFlush;dur=41
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bfe5e74-EWR
accept-ranges: bytes
content-length: 15988
server: cloudflare

GET
H3 200 rec-7.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
0 5ms
5ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-368b"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31NwjB2w39l1iIndYSvZJxawkN4iaO1k6TzVymyocu65fHNTKEEYfFJzKUR%2FkmJEC8CF8UAsj4Agl9jybwsxKdNiNA2OdNqVB2l7cBI2SIzbl3C7X50C3d3m3J3GcVl07m1D0x2qGaY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=530&x=1", cfExtPri, cfHdrFlush;dur=41
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60bff5e74-EWR
accept-ranges: bytes
content-length: 13963
server: cloudflare

GET
H3 200 rec-8.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
0 5ms
5ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-8.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-32c0"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86poPaXTn2QezywlWc%2BvcirboWrZ9qOv8wwZM0CFsJK%2F3JyFjOD5EpJhtV1OcqU8ZnTAxSYrpgmxVwZzJ5zsErQHtdWVmT%2Ff6MNYDJdSInLlJf5LQWjoL%2Bbyh9OIeIZymfw%2Fg4Irkjw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=530&x=1", cfExtPri, cfHdrFlush;dur=66
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c005e74-EWR
accept-ranges: bytes
content-length: 12992
server: cloudflare

GET
H3 200 1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
0 5ms
5ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbG8rLVqYhin%2BweIR6KwEcfW30KLy1kUHDlp0mPOZKDGMMnO7Hr%2FDgCBTF%2F1L4wf8jo47QCXDB6vNOp0QPRsMZvxT0xzkUV%2BUQp0T6wjB6f7SbYcrbHT3GJR%2F4mbTSLdwFWGz4UXbRA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=531&x=1", cfExtPri, cfHdrFlush;dur=68
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c015e74-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 21 KB
0 6ms
6ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-5305"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1GCOcsrlYh7PQ3C6qll2ZwEdG6LOX%2Bky1QTUslW6wW%2FkoumhLRQmF2F%2BlPrOKO5XF8EdE0Rr73ZghtNljcjUwWc7yq%2Fj%2F3%2BUWv7saQHVEWHm6lKBIUackonvlk7DkRt6qvprNQrKJ8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=534&x=1", cfExtPri, cfHdrFlush;dur=66
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c025e74-EWR
accept-ranges: bytes
content-length: 21253
server: cloudflare

GET
H3 200 3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
0 7ms
7ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2b56"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7b6GkIxFn4qk4QJ4skTJE5DpQD5itwCBKN8lvEbuLDkgRxJAy3rwRluUv%2BMuKn0NLK5ZvRNxa1aLAMjak4eb%2FChcvt2DEywcBfOtQhfsdj4quzZedm34As8%2FHCKxkMlzsD1sjjo7YM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=534&x=1", cfExtPri, cfHdrFlush;dur=67
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c035e74-EWR
accept-ranges: bytes
content-length: 11094
server: cloudflare

GET
H3 200 4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
0 7ms
7ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-352b"
age: 6993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ue1qXoUrmdEZF%2F%2FQTfUzfsLrNGIc%2BVmUrHidAj2ZrdvjWFgoHAAu7Va0tmJrI9z8XN%2FctznFKEMlZ3JrvW3vEDC10%2FWdAAtXs1KhufvGQFLfhT1GOH3gWDTGBR7tUL%2B6EosbWEI5OWY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=532&x=1", cfExtPri, cfHdrFlush;dur=70
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c045e74-EWR
accept-ranges: bytes
content-length: 13611
server: cloudflare

GET
H3 200 5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
0 8ms
8ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2dc1"
age: 6992
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yM%2FEiVFdzguHWEOCOQbskEm8p0ncwrLXJmyA0SoWYhJ16ZwDRXdl%2BCM4FhMOVVMvxh%2Ba2MwKpkjLv74NjdQBxOfusWZC5mvCYQJuQOzhz%2BtSCEnI4kJLYPHG59XX7I%2BM0hBwpaTkSDg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31752&min_rtt=26165&rtt_var=6809&sent=50&recv=31&lost=0&retrans=0&sent_bytes=35993&recv_bytes=12487&delivery_rate=334226&cwnd=15600&unsent_bytes=0&cid=4c691b60e8b4b59b&ts=540&x=1", cfExtPri, cfHdrFlush;dur=62
date: Thu, 12 Dec 2024 11:27:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5da60c075e74-EWR
accept-ranges: bytes
content-length: 11713
server: cloudflare

GET
H3 200 main.js Show response
ea.topads-site.com/fdze4mod1i/assets/ 7 KB
4 KB 39ms
38ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/main.js
Requested by: Host: ea.topads-site.com
URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1d62"
age: 6531
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UKz4UgjTvHnZmO0ZD8QB4mNSM%2BsbvGumPN6q%2FG8f42bWE2%2B%2F%2BaNhCIF%2FNfzB8pZNcTURjnNopiLiNyUj8FlsASw6hDC%2FVLekpDsdFhzVZqM9uTS0JW%2F1jb0xooC7Y%2Ba%2BgoGFtE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30128&min_rtt=27537&rtt_var=2272&sent=29&recv=18&lost=0&retrans=0&sent_bytes=20503&recv_bytes=6313&delivery_rate=409226&cwnd=12000&unsent_bytes=0&cid=9592694dfb9350e9&ts=300&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbb4c3dc463-EWR
server: cloudflare

GET
H3 200 style.css
ea.topads-site.com/fdze4mod1i/assets/ 22 KB
4 KB 37ms
36ms Stylesheet
text/css 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/style.css
Requested by: Host: ea.topads-site.com
URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6747379a-58e5"
age: 6531
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7KhFi1m%2F4JWMY43vETInt24cfI1MCoB8ixBVX6HA5yEl4wZctPLH1b32BK%2BmHE68keiYCGD8aakX0%2BazgdoNX%2Fy%2BGg%2BNnklVcizw%2B4yndT7wfKTzW%2B41wNX9acLmQwqHIYMeFcw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30128&min_rtt=27537&rtt_var=2272&sent=25&recv=18&lost=0&retrans=0&sent_bytes=16085&recv_bytes=6313&delivery_rate=409226&cwnd=12000&unsent_bytes=0&cid=9592694dfb9350e9&ts=300&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbb4c3ec463-EWR
server: cloudflare

GET
H3 200 thumb-big.jpg
ea.topads-site.com/fdze4mod1i/assets/ 81 KB
81 KB 40ms
40ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/thumb-big.jpg
Requested by: Host: ea.topads-site.com
URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-142bf"
age: 6531
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qegXAhVMJBAQzdHAeSuOkDJgU6nKaU2f1nsIqMnCJvj2xoBYyT2eyAh7oLWfN%2BAHpS8zZdhR0XCsuakMzS7tQ4R%2BUFZRoGysfcBex9J8koaGonAhMLw5dH4mYjAImXimtYEYYes%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30128&min_rtt=27537&rtt_var=2272&sent=33&recv=18&lost=0&retrans=0&sent_bytes=24377&recv_bytes=6313&delivery_rate=409226&cwnd=12000&unsent_bytes=0&cid=9592694dfb9350e9&ts=302&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbb4c40c463-EWR
accept-ranges: bytes
content-length: 82623
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 /
ea.topads-site.com/fdze4mod1i/ 60 KB
60 KB 0ms
0ms Image
text/html 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Requested by: Host: ea.topads-site.com
URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqmyELQVYxIITrJ9MhAXvxBG0yPAvRoTHaDwRGintSVlhqwJSgPK7iBU9qpA%2F9CrvhfVdXGkFgT7lY9GTUaaTCL9ATHoDMNgh7cN%2FVksE9HN7EvsFnAPWnd3l%2Fhsw4wjxE3nHWg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0d5db9bb2cc463-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30730&min_rtt=27537&rtt_var=10332&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4308&recv_bytes=4654&delivery_rate=547&cwnd=12000&unsent_bytes=0&cid=9592694dfb9350e9&ts=251&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: text/html
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
server: cloudflare
priority: u=0,i

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 terms.js Show response
ea.topads-site.com/shared-js/assets/ 15 KB
6 KB 39ms
38ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.topads-site.com/shared-js/assets/terms.js?v=3
Requested by: Host: ea.topads-site.com
URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"67475928-3c54"
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkoDr4YAoSbjPHgbIuf8Wif%2F5JGXFAM8aqz344a3ox%2FNU2yL02VO5mbb2eARKpko4Jq11ArHQ93l1B789rmtKOUhNNI%2BDruDg9A6k8kNQqiyNP32btVV2jTiZp4daroxF0nsRxU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39390&min_rtt=27102&rtt_var=3179&sent=116&recv=58&lost=0&retrans=0&sent_bytes=115737&recv_bytes=8892&delivery_rate=1333782&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=401&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 17:38:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbbeca6c463-EWR
server: cloudflare

GET
H3 200 static-pl.js Show response
ea.topads-site.com/shared-js/assets/ 5 KB
3 KB 39ms
38ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.topads-site.com/shared-js/assets/static-pl.js?v=6
Requested by: Host: ea.topads-site.com
URL: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1261"
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBEBnqkDKZ09eF4wvoVYNpxQ6aPWjsA53rTd0w1pucXinw2BhAWP%2BCRKLxkorAwZTw5gABBD6StBXpjG%2Ft8xZF7ra0PCvgigHSHjCKuyVr92d5wndLCVPJ7UsErF8PHZTkKF8hA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39390&min_rtt=27102&rtt_var=3179&sent=122&recv=58&lost=0&retrans=0&sent_bytes=121570&recv_bytes=8892&delivery_rate=1333782&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=401&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbbecaac463-EWR
server: cloudflare

GET ps.js
ea.topads-site.com/ps/ 0
0

GET
H2 200 Primary Request news Show response
www.bing.com/ 607 KB
160 KB 484ms
63ms Document
text/html 204.79.197.237

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/news
Requested by: Host: ea.topads-site.com
URL: https://ea.topads-site.com/shared-js/assets/static-pl.js?v=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5fb3a9ee3ffe8046169392db3afb4c04161a39a7bb45d35effa20f34925f879

Request headers

Referer: https://ea.topads-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private
content-encoding: br
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-J2CbWPKDs3LutGXVkBcvtR9jNBSMlaMzP/l23tvXYYM='; base-uri 'self';report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 11:27:36 GMT
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-eventid: 675ac8a9abbe42b3bf53e3c137a1098f
x-msedge-ref: Ref A: E85172CF2A354E69B8421B6DA4543F7D Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:36Z
x-ua-compatible: IE=edge

GET
H3 200 rec-1.jpg
ea.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 51ms
50ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D4jRVmrsVS7jMV8hWCiA%2BjhnxB8nYsb1zhv4b6Q9c3pl355%2FIzfOqKyXvh0BeMXH0pSfOrUhaG8x609ha8knYe3HDbmakz6E8FTLhKZNmbM4FD9Wli9T59tWHYXI7C3oDhUtLdY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=156&recv=78&lost=0&retrans=0&sent_bytes=146339&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=903&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0eafc463-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 rec-2.jpg
ea.topads-site.com/fdze4mod1i/assets/ 11 KB
11 KB 49ms
46ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2a8a"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAuC9wgf%2FVe74G5bvd1wSm45oGCooRYigSJSwF%2BPBop%2F4gRwPZjv29E4SIUtYkKKS1seMCy%2FFBRhRyK4qzSwR44Iwp%2B1qZ4bokLAX4%2Fgv5f8kptUlFkAjVYEhaPCdQ0LOdhQJQc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=147&recv=78&lost=0&retrans=0&sent_bytes=136507&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=902&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0eb1c463-EWR
accept-ranges: bytes
content-length: 10890
server: cloudflare

GET
H3 200 rec-3.jpg
ea.topads-site.com/fdze4mod1i/assets/ 15 KB
16 KB 87ms
84ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3b71"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmFn5C2yhb0J0vCG%2FxPXFspI8dVqP4bBpDuJbQqPJvcZg%2Fywc2gg9cxbSd%2F9niKd9oWxjpubK5%2FxXpsknCumm3GaWUi%2F%2BRLdUyhvtXwjUBRePlzVwmDrFzhwdMxsn4vucq3XdCo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=187&recv=78&lost=0&retrans=0&sent_bytes=182107&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=906&x=1", cfExtPri, cfHdrFlush;dur=32
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0eb3c463-EWR
accept-ranges: bytes
content-length: 15217
server: cloudflare

GET
H3 200 rec-4.jpg
ea.topads-site.com/fdze4mod1i/assets/ 9 KB
9 KB 52ms
49ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-22c4"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oePjg36gaOHdn0%2FZNyjCcHgcFr3kuFyqrSInx%2B%2FoD8%2B2dbfv%2B6jVJ1HtNbgYlU0BUpGsO4KB2HgA4a6IjQWD7RniKtguvs97U2wuuZXr26257RTwAcEO0NWqBGud1XX48G7%2BZ8Y%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=175&recv=78&lost=0&retrans=0&sent_bytes=168745&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=903&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0eb5c463-EWR
accept-ranges: bytes
content-length: 8900
server: cloudflare

GET
H3 200 rec-5.jpg
ea.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 87ms
85ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-335d"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPHyxOo6Ky3TwSELmi1eWo%2FvA6AuDG2AFh3pBAma86O1y7Xu6R0xcBwrdTdzu5W4amOd1sw8hbsbPn0BUtIfZRJxYC7GoDAvFOYxDzxibPBd10ohoRx%2FjCb%2BsWvuQv844dor2no%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=187&recv=78&lost=0&retrans=0&sent_bytes=182107&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=904&x=1", cfExtPri, cfHdrFlush;dur=34
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0eb7c463-EWR
accept-ranges: bytes
content-length: 13149
server: cloudflare

GET
H3 200 rec-6.jpg
ea.topads-site.com/fdze4mod1i/assets/ 16 KB
16 KB 45ms
43ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-6.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3e74"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svrYMnNDVr%2FOQRK5MyCB2hG6Or%2BYkCTm6QFwWRfqDfzzE%2BkAhMl97W%2F5Y249K1vOO7f2a0qpk1mnAhy0buxVaORydjXsEeFOV%2FTr0ieNNV%2FKFJYc3VQnrXgM8eEmwpgReqCnDo0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=137&recv=78&lost=0&retrans=0&sent_bytes=124507&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=902&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0eb8c463-EWR
accept-ranges: bytes
content-length: 15988
server: cloudflare

GET
H3 200 rec-7.jpg
ea.topads-site.com/fdze4mod1i/assets/ 14 KB
14 KB 90ms
88ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-368b"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UC0mYZPC%2Fq3HFOJH%2FIKNvtn5ibuDjWj%2FbXxzoiOsT9r3qxkzKNCRylC1ro3%2BGbQRcNYi24jzB4tZlZpRErxfkmL5PzQ%2FKv4PKuf%2FmJ2ON8wbavkzONBCAh5bxGVp1NxAQwCOGvU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=187&recv=78&lost=0&retrans=0&sent_bytes=182107&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=904&x=1", cfExtPri, cfHdrFlush;dur=36
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0eb9c463-EWR
accept-ranges: bytes
content-length: 13963
server: cloudflare

GET
H3 200 rec-8.jpg
ea.topads-site.com/fdze4mod1i/assets/ 13 KB
13 KB 52ms
50ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/rec-8.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-32c0"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oIY%2FZqR9QSuLrk%2B0Hz0UhC3VGAdLcqdbV5C7ZDhl12QN6N0RTfA8u5J8n8ndqOuMaEe3ngCLs6wtdGSS%2BMG2kAOY2gb1f1j5E73bWb2zt03ZyGw0AbfOY7jP6m35KoPtGV60nI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=184&recv=78&lost=0&retrans=0&sent_bytes=178541&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=904&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0ebac463-EWR
accept-ranges: bytes
content-length: 12992
server: cloudflare

GET
H3 200 1.jpg
ea.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 91ms
89ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIg8ltpMlQABar1Iz762GT0YsrZmpNXBeq4mUnPnSCHSyIaiE%2Bdzs0DJhuiz4Ka3ussFFVxL8jwLBLUlhgVlayzwxDrXjx3oImQTldI0w1qlX7s%2BJQpPH%2BFicYTOP2eLeQkNdDM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=187&recv=78&lost=0&retrans=0&sent_bytes=182107&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=905&x=1", cfExtPri, cfHdrFlush;dur=35
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf0ebbc463-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 2.jpg
ea.topads-site.com/fdze4mod1i/assets/ 21 KB
21 KB 93ms
90ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-5305"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhkP%2FOlA9VTE0nAikPmv5gGxeJ%2BvKTrUDPvvibruG3lwjJkOdpw3oNJ4j6KtXSw7TKauzuqaAtrjYBblDhl7J1mqAFq9p9Z%2FnNeDEy4BpSJOMffGtYmFtMZBtW%2B6I%2FQF9HT2BPo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=187&recv=78&lost=0&retrans=0&sent_bytes=182107&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=907&x=1", cfExtPri, cfHdrFlush;dur=35
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf1ebcc463-EWR
accept-ranges: bytes
content-length: 21253
server: cloudflare

GET
H3 200 3.jpg
ea.topads-site.com/fdze4mod1i/assets/ 11 KB
11 KB 94ms
91ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2b56"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IFASXOmwO2be8ye1gQpg%2FhOmZllmt7kmYT4M7vPwgRNEWsBkUdj41L5F4aqeDq2kfvkaPGZbt59lTY3sPEkp3r1gkR7zdpN7lERg8P7rrfU0%2FFKYvVlf42X4RcwLh3iMrSsLgfs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=184&recv=78&lost=0&retrans=0&sent_bytes=178541&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=904&x=1", cfExtPri, cfHdrFlush;dur=39
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf1ebec463-EWR
accept-ranges: bytes
content-length: 11094
server: cloudflare

GET
H3 200 4.jpg
ea.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 94ms
92ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-352b"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAWhpwwZgcrqLMxvq8PcwZN70X18OOv8wxeWMhbMAV2FMyxjRWxugKUVmVfpSctVuauupKl%2BXQg%2B45%2F%2FPg%2FORTcM0cHYmF3gIYmoVoJQGZgGNyx91oaOkDhPjGo91sYBWEamIyU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=187&recv=78&lost=0&retrans=0&sent_bytes=182107&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=907&x=1", cfExtPri, cfHdrFlush;dur=36
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf1ebfc463-EWR
accept-ranges: bytes
content-length: 13611
server: cloudflare

GET
H3 200 5.jpg
ea.topads-site.com/fdze4mod1i/assets/ 11 KB
12 KB 96ms
94ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ea.topads-site.com/fdze4mod1i/assets/5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ea.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&nrid=94f6e98d59c5499aa23fc71d588b2cda&tbd=864000&hash=KCMMnbORxxextYm1yUCh9w&exp=1734003151

Response headers

cf-cache-status: HIT
etag: "6747379a-2dc1"
age: 6530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJMlq7d0fOZsA%2BdYaUmxhtZVr1m4HprPeuuVEm9XZoeKv0Y8yxu63EvJYRYdhIjJDK1f8ORL2prcfHWoY4Gi6fodwFDRwrfaU0dKLYy%2Bg%2BqVtdPmVzxAGUxAjzws2J6PIrcIAbk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37027&min_rtt=27102&rtt_var=4953&sent=187&recv=78&lost=0&retrans=0&sent_bytes=182107&recv_bytes=16296&delivery_rate=114&cwnd=57600&unsent_bytes=0&cid=9592694dfb9350e9&ts=906&x=1", cfExtPri, cfHdrFlush;dur=39
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0d5dbf1ec1c463-EWR
accept-ranges: bytes
content-length: 11713
server: cloudflare

GET
H2 200 8j1pxoa6lVSBuEk6LnFyGM_pxaU.br.css
r.bing.com/rp/ 1 KB
1 KB 655ms
173ms Stylesheet
text/css 23.73.207.8

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/8j1pxoa6lVSBuEk6LnFyGM_pxaU.br.css
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02735ca0389ca4b14f0eb6b4bd53d279887af449269a349e3bb8e09b1de1f212

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: snZEvTACesY6rlbEa7d1kg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC879128E6B9
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 16 Dec 2024 13:59:19 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 11:27:37 GMT
last-modified: Mon, 14 Oct 2024 19:36:57 GMT
content-type: text/css
cache-control: public, no-transform, max-age=354702
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: c6103907-101e-0078-20bc-363afe000000
access-control-allow-origin: *
content-length: 515
akamai-grn: 0.8d9b3e17.1734002857.1259596b
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 -EZ3_E7ynAvG4WDjTxZ9rUpEwcA.br.js Show response
www.bing.com/rp/ 19 KB
8 KB 37ms
37ms Script
text/javascript 204.79.197.237

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/rp/-EZ3_E7ynAvG4WDjTxZ9rUpEwcA.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 525fa9e3b57abee5ed411c5eba2f74dff25d2591bbc142a976de1604e2502d9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/news

Response headers

content-md5: ubIJCEWm4UOwf1nNsWHafQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DD09299CE6ADE7
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 20 Nov 2024 06:07:28 GMT
cache-control: public, max-age=432000, no-transform, immutable
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 36B1B75B866946F3B8D4EF2916F06706 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
cross-origin-resource-policy: cross-origin
x-azure-ref-originshield: Ref A: BF97FE649C434F2A980B2D30D866CEE7 Ref B: MNZ221060605031 Ref C: 2024-12-08T22:55:18Z
x-ms-request-id: 10b9cf4e-101e-0078-7bb3-493afe000000
access-control-allow-origin: *
content-length: 7594
x-ms-blob-type: BlockBlob

GET
H2 200 X34ZXhnosR92xwKLdl9fnNZPvm4.br.css
r.bing.com/rp/ 29 KB
7 KB 474ms
174ms Stylesheet
text/css 23.73.207.8

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/X34ZXhnosR92xwKLdl9fnNZPvm4.br.css
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d8f63a2b6f611cb810b052ce1506897d3853de261b55e05fdb2cb1f27e10b691

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: lP9NnSmszh0xlbqJaGiVIA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DD049132243D17
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Fri, 13 Dec 2024 03:09:13 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 09:46:21 GMT
cache-control: public, no-transform, max-age=56496
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 9ddc152d-601e-001a-54bc-367d26000000
access-control-allow-origin: *
content-length: 6881
akamai-grn: 0.8d9b3e17.1734002857.1259596c
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 CZwKVRB4ciQqBqIc5xpa4fPkn8A.js Show response
r.bing.com/rs/6r/f0/jnc,nj/ 85 KB
32 KB 593ms
98ms Script
application/x-javascript 23.73.207.8

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rs/6r/f0/jnc,nj/CZwKVRB4ciQqBqIc5xpa4fPkn8A.js?or=w
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 0a6af207f11b2c723d038ee5744976820f07d77b8852912fe131a168b9053ba4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

x-as-machinename: BNZEEAP00016A30
x-eventid: 670e37d538624117975bc4a6a71c3d07
content-encoding: br
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
expires: Fri, 13 Dec 2024 06:27:40 GMT
alt-svc: h3=":443"; ma=93600
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-suppresssetcookie: 1
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 12:41:15 GMT
access-control-allow-headers: *
date: Thu, 12 Dec 2024 11:27:37 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=68403
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Geut3lTqxH4colCFq4K7XPGi/pkrkXeNwSgfZil/EI4='; base-uri 'self';report-to csp-endpoint
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
access-control-allow-origin: *
content-length: 31783
akamai-grn: 0.859b3e17.1734002857.12482fdd
server: Kestrel

GET
H2 200 th
www.bing.com/ 5 KB
5 KB 78ms
77ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.l0FoveHYAZq4n1GUV6QJhC&pid=News&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff833cd09b4244a8bf3ebb9694650b27d9a980dd15d6069f19b6e413232d254a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C52C72C013C44784B3C97542A995C224 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 5228
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 8 KB
8 KB 184ms
184ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.fdb1ca4d53d923553b90e8a3ad97d658&pid=Wdp&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb28cfd9873c40f78c54fb1fecba4d12205f9136757fb8953d73b4be3d2656bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C2464DE9D244E84904D1B8D6672554D Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 8215
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 3 KB
4 KB 66ms
66ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.NYzZbJfyl8kzfG4Ss72WXi&pid=News&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7470d7c71dbbb187ded55633e04ac0fd5e869063f08a87f779d8c02f591b40a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F14136B22DD426D89DFBB2E6A64DC28 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 3456
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 8 KB
8 KB 29ms
29ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.97QzHut4-VZGx9PUowINCi&pid=News&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7a51e49350ca3bb67cc72d2cd3c6facea93a9ab9040399718f7336efe3e2503

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F91FCABCCC5B4B29B41903882A66CA76 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 8058
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 6 KB
6 KB 60ms
60ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.3O6Fw-0VlUond76ifGauIS&pid=News&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d76ecb81344f3a4db0bc3e6c3dd82052e7d8af51d876ed70e5462a93bda28b68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69AA0C47645B4D1E8FE248D0A69DEFD2 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 5746
date: Thu, 12 Dec 2024 11:27:36 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 75ms
69ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.4G11OZ3pFr9PSRFhNSlegi&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00c76fb178880f41a1ff4c7c4bfaa04efac4b87017ff566bf1b02911bb0e3cea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 77AB3F887A7043B4A38EBDCFB7744135 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 1397
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 2 KB
2 KB 81ms
75ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.97QzHut4-VZGx9PUowINCi&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d2608184f84dcd22c2cb7fac0df880ab1c4bd93651cb92975ae82f2f2ffad1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A26B5D30E2FB44DDA77F1507F14D4373 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 1560
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 2 KB
2 KB 80ms
75ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.t0dxAS1XIz6Vs9WHPTmC0i&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ac26c57f1e48c5b356a06e07eb7573bcd342a6a171b7d4ccf48b30cc67c6c07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66E814FBD1B944D19BF3E6B1F66B797F Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 1567
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 76ms
71ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.8kGBA6fDF0SkfnQlT-19Wi&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d34981ae96a17840db7ae4b69eed2827d0bb07b7ce97ca7ac2ef8c4fabf8f5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14CEC00061C344899824C76481B17A63 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 1265
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
1 KB 79ms
74ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.fUnZBxjREvNq2nFWLSY86C&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dfd0b2d52804141be5bbbbc300b9e8d1960adcac6654463d3d65e670389fe23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7522078F427E4EA39190296FD70DB9E5 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 1308
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 38ms
34ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.a27fac69151a91948db08e12e06a0dcc&pid=Wdp&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 136174c78895bf883ae8f1c5c29edfddec790a9a8010e0e81f575a879853234f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7891C5AAE764D1190D404918FA52D20 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 1476
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 3 KB
3 KB 123ms
119ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.fVAI1fsSY6bOaLmwLdOe8C&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 256ceba5cf33fff981740dfab07c3f60eb530b2cc9f04d54f223ebcc23bf28ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0712273FB822441B91565D363F636034 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 3039
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 10 KB
10 KB 77ms
73ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.m5RdXoPJzSgCzgfIf_UWGy&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 365cf48e36e1667f98d80222ce3321848e72edeba9c5b00bce55ca0b67b3cb1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 92D209A2202F4179AC948DA116B42CFA Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 10330
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 4 KB
4 KB 76ms
72ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.PNEC3T8KpUlwkCLoGkttGC&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91fbb7d307f495a8d7343723c31b4b0eff5d1502bf995e3ed5da309195ac31fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 52EEA8CDE1B446318459CD239BB52A7A Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 4138
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 9 KB
9 KB 80ms
76ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.FS57wayVV1dGvkFIhzHCAC&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feb49e3d43801ac861845a7baa9a6459795776125b9aeae5edc3417d75f4ed59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E9EACBDE816453E95FCB881F2020A83 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 9231
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 6 KB
6 KB 93ms
90ms Image
image/jpeg 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.4MEnoTLGMk-po4o9-q_E2S&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1780e44232fadff6973814489b2103c65b1a4a5a844e52ac3e8c7aa6e7642f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 841124C440834E0A8C5364D3C988D160 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 6116
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 X36VNDAC44NgoMtBJ54W0f5aDP8.png
r.bing.com/rp/ 229 B
824 B 93ms
91ms Image
image/png 23.73.207.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.bing.com/rp/X36VNDAC44NgoMtBJ54W0f5aDP8.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c66cf10a2e1ee46e56380c7d98d59a42a87e0317a283c63b389643710de56f56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: 3TQxU4vWqZvFyuSag0k4zA==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCD88EAA11BE8D
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sat, 14 Dec 2024 01:10:50 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 11:27:37 GMT
last-modified: Thu, 19 Sep 2024 09:37:23 GMT
content-type: image/png
cache-control: public, no-transform, max-age=135793
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: e1f08862-901e-004b-14da-1463d3000000
access-control-allow-origin: *
content-length: 229
akamai-grn: 0.8d9b3e17.1734002857.12595c31
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 fR5Lloge8ADOj_fhhjhY_5ZehaU.br.js Show response
r.bing.com/rp/ 942 B
1 KB 414ms
108ms Script
text/javascript 23.73.207.8

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/fR5Lloge8ADOj_fhhjhY_5ZehaU.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c336ef4f4bdcd30e14778115c208f64423618e2c0ea8dbe9128db5861f88536c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

content-md5: LEeKMPMOEm6Ji3MsKdF8lQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCD88FDB2E6100
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 16 Dec 2024 00:10:53 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 11:27:37 GMT
last-modified: Thu, 19 Sep 2024 09:45:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=304996
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 0c2463f0-c01e-0017-2615-17922a000000
access-control-allow-origin: *
content-length: 489
akamai-grn: 0.859b3e17.1734002857.12482fde
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 qwce00QJxdHzNxXh5H1mBc8QgBU.br.js Show response
r.bing.com/rp/ 280 B
797 B 360ms
108ms Script
text/javascript 23.73.207.8

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02f6e697a3aab3be32f5fb28488862bf9ed344b4d60ccdf85cd1e244ff285c62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

content-md5: v9w4V2ItZPq2nYGNSEmAzA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCD890F8606BAA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 17 Dec 2024 03:38:36 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 11:27:37 GMT
last-modified: Thu, 19 Sep 2024 09:53:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=403859
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 391d9891-401e-002f-41bb-17d373000000
access-control-allow-origin: *
content-length: 181
akamai-grn: 0.859b3e17.1734002857.12482fdf
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js
r.bing.com/rp/ 76 B
706 B 402ms
101ms Script
text/javascript 23.73.207.8

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

content-md5: z5nlqd31IzcYeLY5KGuaJg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCEC862D6A0D11
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sat, 14 Dec 2024 23:06:49 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 11:27:38 GMT
last-modified: Mon, 14 Oct 2024 19:27:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, no-transform, max-age=214751
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: fae2c32a-e01e-0022-208c-1e3c7f000000
access-control-allow-origin: *
content-length: 80
akamai-grn: 0.859b3e17.1734002858.12483429
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET yG-VKtw9KVp4guUc78vx7p1Xo98.br.js
r.bing.com/rp/ 0
0

GET
H2 200 ytiieusXgM2K8bLkEDP-AS1ePds.png
r.bing.com/rp/ 109 B
702 B 93ms
91ms Image
image/png 23.73.207.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.bing.com/rp/ytiieusXgM2K8bLkEDP-AS1ePds.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.8 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bc2fafdf3346ba2de5004898e2c58e47182fda26518d240fd1b0628e6329ed1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: WjmO2nysm67xmONlqywoRQ==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCD8920311AB40
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Fri, 13 Dec 2024 18:07:41 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 11:27:37 GMT
last-modified: Thu, 19 Sep 2024 10:01:20 GMT
content-type: image/png
cache-control: public, no-transform, max-age=110404
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: bd6433ac-501e-0019-698a-177e21000000
access-control-allow-origin: *
content-length: 109
akamai-grn: 0.8d9b3e17.1734002857.12595c32
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

Content-Type: image/png

GET
H2 200 kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png
www.bing.com/rp/ 9 KB
9 KB 35ms
34ms Image
image/png 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf7fe8197902b32ce2c83f05db73255553c716ac7b084ff1878e617963d0f51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

content-md5: GUexVzkiHrDbJxwd2PleRg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCD89041252B92
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 09:48:45 GMT
cache-control: public, max-age=432000, no-transform, immutable
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ECF3CD0BE0E344029CD4002DB203A72D Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
cross-origin-resource-policy: cross-origin
x-azure-ref-originshield: Ref A: 04D489707A25424AB9FCA30A72F225E6 Ref B: MNZ221060617027 Ref C: 2024-12-09T01:03:22Z
x-ms-request-id: 9bb40602-501e-0030-35be-490863000000
access-control-allow-origin: *
content-length: 9310
x-ms-blob-type: BlockBlob

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 870 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8061622abf89b3bd1e10227cfee1bd5251a162a66f37778d4bf58c92236d6d07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

Content-Type: image/svg+xml

POST partners
ads.msn.com/ 0
0

GET
H2 200 qZeFzs7d4zbqMjvSUX0ww-DN1bY.png
www.bing.com/rp/ 763 B
1 KB 59ms
58ms Image
image/png 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/rp/qZeFzs7d4zbqMjvSUX0ww-DN1bY.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37207d17e1cd8c2d8b497e1a76bf14bc1f2e980f6455997fcfb79b24fec4d885

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

content-md5: n4UJiOYHnssveuz4xme87A==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DC8A6F48EC3457
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/png
last-modified: Tue, 11 Jun 2024 23:36:14 GMT
cache-control: public, max-age=432000, no-transform, immutable
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F9B7387FFBBA4813B6B6F3218ABF16B9 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
cross-origin-resource-policy: cross-origin
x-azure-ref-originshield: Ref A: DC0E6AF63EDA4F6793A8CF62810DF88B Ref B: MNZ221060617019 Ref C: 2024-12-10T21:07:22Z
x-ms-request-id: cad4ac7d-801e-0039-5d77-4712ed000000
access-control-allow-origin: *
content-length: 763
x-ms-blob-type: BlockBlob

GET
H2 200 ZricD7XDh2XWjN68qgUU8lqqArQ.png
www.bing.com/rp/ 609 B
1 KB 66ms
65ms Image
image/png 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/rp/ZricD7XDh2XWjN68qgUU8lqqArQ.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6de3c5d37793237d5cb92df07025e0c1a984b4877d5c344319e34431e5d72fb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

content-md5: okJzF1AdG2nUU7RcJwVfkw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DC8A6F2E621990
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/png
last-modified: Tue, 11 Jun 2024 23:35:30 GMT
cache-control: public, max-age=432000, no-transform, immutable
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 104D11B66F704EFE93501902719CFEF3 Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
cross-origin-resource-policy: cross-origin
x-azure-ref-originshield: Ref A: 7F110829525345AE9BEF1672EBE32697 Ref B: MNZ221060606037 Ref C: 2024-12-08T22:09:05Z
x-ms-request-id: bce83205-101e-003c-7a11-49e692000000
access-control-allow-origin: *
content-length: 609
x-ms-blob-type: BlockBlob

GET
H2 200 oTTencFaM9pqcB0XZcRB3MYB8Uc.png
www.bing.com/rp/ 1 KB
2 KB 62ms
62ms Image
image/png 204.79.197.237

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/rp/oTTencFaM9pqcB0XZcRB3MYB8Uc.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.79.197.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1094a7da6a2b557da2c6e95b3fe8b8139ef925025e08c794ee783086c1564fb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

content-md5: ZjlrjFKiSwoYoT/62f3bxw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCD890BC398146
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 11:27:37 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 09:52:12 GMT
cache-control: public, max-age=432000, no-transform, immutable
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6668457C964E420882C815BD5B27537B Ref B: PHL30EDGE0406 Ref C: 2024-12-12T11:27:37Z
cross-origin-resource-policy: cross-origin
x-azure-ref-originshield: Ref A: 0E8420B9E12745149F3BB17F7D3C20C9 Ref B: MNZ221060617019 Ref C: 2024-12-09T03:26:55Z
x-ms-request-id: 108ed0f2-c01e-003e-76cc-49e468000000
access-control-allow-origin: *
content-length: 1438
x-ms-blob-type: BlockBlob

OPTIONS partners
ads.msn.com/ 0
0

GET yktrlw8
www.clarity.ms/tag/ 0
0

POST evententry
www.bing.com/news/ 0
0

GET l
www.bing.com/fd/ls/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ea.topads-site.com
URL: https://ea.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=83085908d2e17c30e3d82de0289174a2-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fea.topads-site.com&timeout=864000&tb=true&nrid=94f6e98d59c5499aa23fc71d588b2cda

Domain: r.bing.com
URL: https://r.bing.com/rp/yG-VKtw9KVp4guUc78vx7p1Xo98.br.js

Domain: ads.msn.com
URL: https://ads.msn.com/partners?ocid=BingNewsBrowse&apikey=pWikTTBJ9kfC1SEMp551YadtWpusjFmtbLaRCzNYGA

Domain: ads.msn.com
URL: https://ads.msn.com/partners?ocid=BingNewsBrowse&apikey=pWikTTBJ9kfC1SEMp551YadtWpusjFmtbLaRCzNYGA

Domain: www.clarity.ms
URL: https://www.clarity.ms/tag/yktrlw8

Domain: www.bing.com
URL: https://www.bing.com/news/evententry?IG=94A357E6923044579DF98FA3DBFBED1A&iid=news.5401

Domain: www.bing.com
URL: https://www.bing.com/fd/ls/l?IG=94A357E6923044579DF98FA3DBFBED1A&CID=31E9B3A8AACE61EA0155A6FBAB0C60BA&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1734002858130%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734002858130%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

Domain: www.bing.com
URL: https://www.bing.com/fd/ls/l?IG=94A357E6923044579DF98FA3DBFBED1A&CID=31E9B3A8AACE61EA0155A6FBAB0C60BA&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734002858131%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

Domain: www.bing.com
URL: https://www.bing.com/fd/ls/l?IG=94A357E6923044579DF98FA3DBFBED1A&CID=31E9B3A8AACE61EA0155A6FBAB0C60BA&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

Domain: www.bing.com
URL: https://www.bing.com/fd/ls/l?IG=94A357E6923044579DF98FA3DBFBED1A&CID=31E9B3A8AACE61EA0155A6FBAB0C60BA&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221600%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734002858131%2C%22Name%22%3A%22XW%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%221200%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734002858131%2C%22Name%22%3A%22T%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734002858134%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.EventEntry%22%2C%22TS%22%3A1734002858136%2C%22Name%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fcrime%2Funitedhealthcare-ceo-killing-latest-fingerprints-gun-tied-to-scene-of-killing%2Far-AA1vJesk%22%2C%22FID%22%3A%22Fetch%22%7D%2C%7B%22T%22%3A%22CI.EventEntry%22%2C%22TS%22%3A1734002858136%2C%22Name%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Fgreat-day-for-america-trump-lauds-chris-wray-resigning-as-fbi-director%2Far-AA1vGJop%22%2C%22FID%22%3A%22Fetch%22%7D%2C%7B%22T%22%3A%22CI.EventEntry%22%2C%22TS%22%3A1734002858137%2C%22Name%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Fbiden-to-commute-sentences-of-around-1500-people%2Far-AA1vJku8%22%2C%22FID%22%3A%22Fetch%22%7D%2C%7B%22T%22%3A%22CI.EventEntry%22%2C%22TS%22%3A1734002858137%2C%22Name%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fworld%2Fafter-assad-flees-to-moscow-a-look-at-how-other-dictators-lived-in-exile%2Far-AA1vIe6O%22%2C%22FID%22%3A%22Fetch%22%7D%2C%7B%22T%22%3A%22CI.EventEntry%22%2C%22TS%22%3A1734002858137%2C%22Name%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Ftopstories%2Fdangerously-cold-winter-weather-is-back-in-forecast-snow-for-the-great-lakes%2Far-AA1vJ6BE%22%2C%22FID%22%3A%22Fetch%22%7D%2C%7B%22T%22%3A%22CI.EventEntry%22%2C%22TS%22%3A1734002858137%2C%22Name%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmusic%2Fnews%2Fselena-gomez-announces-engagement-to-boyfriend-benny-blanco%2Far-AA1vJf7z%22%2C%22FID%22%3A%22Fetch%22%7D%5D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
recruiteasegithub.com/	1970-01-21 01:40:06	Name: mtm_delivered Value: ""
.main.proffering.xyz/	1970-01-21 01:41:29	Name: 15GUILo Value: 1
.main.proffering.xyz/	1970-01-21 01:41:29	Name: pc-cid Value: 83085908d2e17c30e3d82de0289174a2-11246-1212
.main.proffering.xyz/	1970-01-21 01:41:29	Name: pc-campaign Value: 15GUIL
.main.proffering.xyz/	1969-12-31 23:59:59	Name: pc-linf Value:
qwfuu.altaircastor.com/	1970-01-21 01:45:48	Name: W7-lkuObDEWXzHM4LgqUhA Value: 19
qwfuu.altaircastor.com/	1970-01-21 11:16:02	Name: __pl Value: 957ce30c-3e9d-4f99-8b9d-ee6e82530006
qwfuu.altaircastor.com/	1970-01-21 01:40:06	Name: __cap Value: 1
qwfuu.topads-site.com/	1970-01-21 11:16:02	Name: __psu Value: 4b41e291-57d5-4a23-abe8-6bdbadb30d12

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ernus-dop.com/zclkvisitor/123f2b82-b87c-11ef-9c33-0affca48d617/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=201c7200-9877-11ef-a47d-12832fc4c381 Message: [GroupMarkerNotSet(crbug.com/242999)!:A030B60B3C240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.msn.com
ea.topads-site.com
ernus-dop.com
main.proffering.xyz
qwfuu.altaircastor.com
qwfuu.topads-site.com
r.bing.com
recruiteasegithub.com
www.bing.com
www.clarity.ms
www.gstatic.com
ads.msn.com
ea.topads-site.com
r.bing.com
www.bing.com
www.clarity.ms
104.21.19.248
142.251.111.94
147.182.253.216
172.67.186.42
172.67.190.135
204.79.197.237
23.73.207.8
54.82.7.206
96.126.123.244
00c76fb178880f41a1ff4c7c4bfaa04efac4b87017ff566bf1b02911bb0e3cea
02735ca0389ca4b14f0eb6b4bd53d279887af449269a349e3bb8e09b1de1f212
02f6e697a3aab3be32f5fb28488862bf9ed344b4d60ccdf85cd1e244ff285c62
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
0a6af207f11b2c723d038ee5744976820f07d77b8852912fe131a168b9053ba4
1094a7da6a2b557da2c6e95b3fe8b8139ef925025e08c794ee783086c1564fb0
136174c78895bf883ae8f1c5c29edfddec790a9a8010e0e81f575a879853234f
1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
256ceba5cf33fff981740dfab07c3f60eb530b2cc9f04d54f223ebcc23bf28ad
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1
350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd
365cf48e36e1667f98d80222ce3321848e72edeba9c5b00bce55ca0b67b3cb1d
37207d17e1cd8c2d8b497e1a76bf14bc1f2e980f6455997fcfb79b24fec4d885
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21
4dfd0b2d52804141be5bbbbc300b9e8d1960adcac6654463d3d65e670389fe23
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
525fa9e3b57abee5ed411c5eba2f74dff25d2591bbc142a976de1604e2502d9e
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
5d2608184f84dcd22c2cb7fac0df880ab1c4bd93651cb92975ae82f2f2ffad1d
5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6de3c5d37793237d5cb92df07025e0c1a984b4877d5c344319e34431e5d72fb6
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
7470d7c71dbbb187ded55633e04ac0fd5e869063f08a87f779d8c02f591b40a5
7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6
7d34981ae96a17840db7ae4b69eed2827d0bb07b7ce97ca7ac2ef8c4fabf8f5b
8061622abf89b3bd1e10227cfee1bd5251a162a66f37778d4bf58c92236d6d07
8f12b9c5d41f11b0254d36cb7bb4a0ec2f0bd98bf36629fdea15df5ac6fa1fc4
8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16
91e49d7515621ec468b306acccd36598c3bc072e4335841d4a30b1755a511c9d
91fbb7d307f495a8d7343723c31b4b0eff5d1502bf995e3ed5da309195ac31fe
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ac26c57f1e48c5b356a06e07eb7573bcd342a6a171b7d4ccf48b30cc67c6c07
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
a1780e44232fadff6973814489b2103c65b1a4a5a844e52ac3e8c7aa6e7642f2
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
a6e0450ca5ec912352d6c99c13658c16879e002a10f8dbfb49ab0e8b5d5a10c9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047
af744c0b109bdc2152dc85939ba17b05c44ac4774fbbc19fb936551ca022371f
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd
b5fb3a9ee3ffe8046169392db3afb4c04161a39a7bb45d35effa20f34925f879
b7a51e49350ca3bb67cc72d2cd3c6facea93a9ab9040399718f7336efe3e2503
bb28cfd9873c40f78c54fb1fecba4d12205f9136757fb8953d73b4be3d2656bf
bc2fafdf3346ba2de5004898e2c58e47182fda26518d240fd1b0628e6329ed1d
bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668
c336ef4f4bdcd30e14778115c208f64423618e2c0ea8dbe9128db5861f88536c
c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46
c66cf10a2e1ee46e56380c7d98d59a42a87e0317a283c63b389643710de56f56
cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e
d76ecb81344f3a4db0bc3e6c3dd82052e7d8af51d876ed70e5462a93bda28b68
d8f63a2b6f611cb810b052ce1506897d3853de261b55e05fdb2cb1f27e10b691
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838
e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28
fbf7fe8197902b32ce2c83f05db73255553c716ac7b084ff1878e617963d0f51
feb49e3d43801ac861845a7baa9a6459795776125b9aeae5edc3417d75f4ed59
ff833cd09b4244a8bf3ebb9694650b27d9a980dd15d6069f19b6e413232d254a

www.bing.com Open in urlscan Pro 204.79.197.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

91 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

8 IPs

2 Countries

1130 kBTransfer

2330 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 27 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bing.com Open in urlscan Pro
204.79.197.237 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

91 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

8
IPs

2
Countries

1130 kB
Transfer

2330 kB
Size

9
Cookies

113 HTTP transactions
27 data transactions