urlscan.io logo urlscan.io
SecurityTrails logo

www.1guy2slugs.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1guy2slugs.com/
Effective URL: https://www.1guy2slugs.com/
Submission: On December 24 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 21 domains to perform 60 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.1guy2slugs.com.
TLS certificate: Issued by WE1 on December 24th 2024. Valid for: 3 months.
This is the only time www.1guy2slugs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 188.114.97.3 13335 (CLOUDFLAR...)
2 104.18.11.207 13335 (CLOUDFLAR...)
2 216.58.212.138 15169 (GOOGLE)
1 54.230.228.32 16509 (AMAZON-02)
1 11 94.242.247.24 7979 (SERVERS-COM)
1 157.245.14.184 14061 (DIGITALOC...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.184.200 15169 (GOOGLE)
1 172.67.194.119 13335 (CLOUDFLAR...)
1 104.21.9.70 13335 (CLOUDFLAR...)
3 172.217.18.3 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 18.173.187.86 16509 (AMAZON-02)
1 52.29.92.241 16509 (AMAZON-02)
1 216.239.34.36 15169 (GOOGLE)
2 216.58.206.67 15169 (GOOGLE)
1 1 212.117.190.217 7979 (SERVERS-COM)
1 104.21.35.62 13335 (CLOUDFLAR...)
1 104.18.14.39 13335 (CLOUDFLAR...)
1 18.173.154.12 16509 (AMAZON-02)
4 18.66.192.120 16509 (AMAZON-02)
1 1 104.21.24.29 13335 (CLOUDFLAR...)
1 104.26.2.30 13335 (CLOUDFLAR...)
60 22
19    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
1guy2slugs.com
www.1guy2slugs.com
zctyu.ajscdn.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f10.1e100.net
fonts.googleapis.com
1    54.230.228.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-32.muc50.r.cloudfront.net
platform-api.sharethis.com
11    94.242.247.24 (Luxembourg)

ASN7979 (SERVERS-COM, US)
bankingbloatedcaptive.com
shakingtacklingunpeeled.com
1    157.245.14.184 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1261651.cloudwaysapps.com
personaserver.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
1    172.67.194.119 (United States)

ASN13335 (CLOUDFLARENET, US)
zctyu.nxt-psh.com
1    104.21.9.70 (None, )

ASN13335 (CLOUDFLARENET, US)
zctyu.ujscdn.com
3    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net
fonts.gstatic.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
zctyu.ext-jscdn.com
1    18.173.187.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-86.muc50.r.cloudfront.net
buttons-config.sharethis.com
1    52.29.92.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-92-241.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net
www.gstatic.com
1    212.117.190.217 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
coosync.com
1    104.21.35.62 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.bncloudfl.com
1    104.18.14.39 (None, )

ASN13335 (CLOUDFLARENET, US)
playhubconnect.com
1    18.173.154.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-12.muc50.r.cloudfront.net
count-server.sharethis.com
4    18.66.192.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-120.muc50.r.cloudfront.net
platform-cdn.sharethis.com
1    104.21.24.29 (None, )

ASN13335 (CLOUDFLARENET, US)
img.bnrtrk.com
1    104.26.2.30 (None, )

ASN13335 (CLOUDFLARENET, US)
static.imghst-de.com
Apex Domain
Subdomains		 Transfer
17 1guy2slugs.com
1guy2slugs.com
www.1guy2slugs.com
204 KB
8 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5010
buttons-config.sharethis.com — Cisco Umbrella Rank: 5845
l.sharethis.com — Cisco Umbrella Rank: 5470
count-server.sharethis.com — Cisco Umbrella Rank: 12129
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10787
52 KB
6 shakingtacklingunpeeled.com
shakingtacklingunpeeled.com — Cisco Umbrella Rank: 46067
63 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
102 KB
5 bankingbloatedcaptive.com
bankingbloatedcaptive.com — Cisco Umbrella Rank: 50151
63 KB
2 ajscdn.com
zctyu.ajscdn.com
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
88 KB
1 imghst-de.com
static.imghst-de.com — Cisco Umbrella Rank: 13122
3 KB
1 bnrtrk.com
img.bnrtrk.com
807 B
1 playhubconnect.com
playhubconnect.com — Cisco Umbrella Rank: 33204
930 KB
1 bncloudfl.com
cdn.bncloudfl.com — Cisco Umbrella Rank: 20989
128 KB
1 coosync.com
coosync.com — Cisco Umbrella Rank: 24550
522 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 ext-jscdn.com
zctyu.ext-jscdn.com
1 KB
1 ujscdn.com
zctyu.ujscdn.com
12 KB
1 nxt-psh.com
zctyu.nxt-psh.com
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
2 KB
1 personaserver.com
personaserver.com
2 KB
0 Failed
function sub() { [native code] }. Failed
60 21
Domain Requested by
16 www.1guy2slugs.com www.1guy2slugs.com
6 shakingtacklingunpeeled.com 1 redirects www.1guy2slugs.com
shakingtacklingunpeeled.com
5 bankingbloatedcaptive.com www.1guy2slugs.com
bankingbloatedcaptive.com
4 platform-cdn.sharethis.com
3 fonts.gstatic.com fonts.googleapis.com
2 zctyu.ajscdn.com zctyu.ujscdn.com
2 www.gstatic.com zctyu.nxt-psh.com
2 fonts.googleapis.com www.1guy2slugs.com
2 maxcdn.bootstrapcdn.com www.1guy2slugs.com
maxcdn.bootstrapcdn.com
1 static.imghst-de.com
1 img.bnrtrk.com 1 redirects
1 count-server.sharethis.com platform-api.sharethis.com
1 playhubconnect.com www.1guy2slugs.com
1 cdn.bncloudfl.com www.1guy2slugs.com
1 coosync.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 zctyu.ext-jscdn.com zctyu.nxt-psh.com
1 zctyu.ujscdn.com www.1guy2slugs.com
1 zctyu.nxt-psh.com www.1guy2slugs.com
1 www.googletagmanager.com www.1guy2slugs.com
1 cdnjs.cloudflare.com www.1guy2slugs.com
1 personaserver.com www.1guy2slugs.com
personaserver.com
1 platform-api.sharethis.com www.1guy2slugs.com
1 1guy2slugs.com 1 redirects
0 invalid Failed bankingbloatedcaptive.com
shakingtacklingunpeeled.com
60 27
Subject Issuer Validity Valid
1guy2slugs.com
WE1		 2024-12-24 -
2025-03-24		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh

Buypass Class 2 CA 5		 2024-09-20 -
2025-03-18		 6 months crt.sh
personaserver.com
R10		 2024-12-17 -
2025-03-17		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
nxt-psh.com
WE1		 2024-12-08 -
2025-03-08		 3 months crt.sh
ujscdn.com
WE1		 2024-12-07 -
2025-03-07		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
ext-jscdn.com
WE1		 2024-12-16 -
2025-03-16		 3 months crt.sh
cdn.bncloudfl.com
WE1		 2024-12-20 -
2025-03-20		 3 months crt.sh
playhubconnect.com
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh
ajscdn.com
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.1guy2slugs.com/
Frame ID: 45162BDD2A65B2C769BEBCAB401B3D1A
Requests: 56 HTTP requests in this frame

Frame: https://bankingbloatedcaptive.com/check.html
Frame ID: EA5589594569633423625236604FF0C5
Requests: 1 HTTP requests in this frame

Frame: https://shakingtacklingunpeeled.com/check.html
Frame ID: 894C8AE997C6268EDA4AE71FA4B8AD7F
Requests: 1 HTTP requests in this frame

Frame: https://shakingtacklingunpeeled.com/sn/ps/2045745?freq=0&im=1&pid=__clb-2045745_1&puid=0&so=1&wcks=1
Frame ID: CAD5C61B300EB5DB591AC85843FD6360
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: C6AE34B6871C2F5369DFBF8A3EFCBD0F
Requests: 2 HTTP requests in this frame

Frame: https://playhubconnect.com/bn/cdd/1f3/68f/cdd1f368fbb21f7501938076b93a2c1bf45e1c8e.mp4
Frame ID: EFE678AAC907FC51DEC314FD06985D6B
Requests: 3 HTTP requests in this frame

Frame: https://static.imghst-de.com/26e95e80-c46d-4a2c-b65d-88b78bc43d06.png
Frame ID: AC0A7109E9439FC1D6C270C450A713FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1 Guy 2 Slugs | Nobody loves slugs more than this guy!

Page URL History Show full URLs

  1. http://1guy2slugs.com/ HTTP 307
    https://1guy2slugs.com/ HTTP 301
    https://www.1guy2slugs.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

90 %
HTTPS

0 %
IPv6

21
Domains

27
Subdomains

22
IPs

5
Countries

1775 kB
Transfer

2781 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1guy2slugs.com/ HTTP 307
    https://1guy2slugs.com/ HTTP 301
    https://www.1guy2slugs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://shakingtacklingunpeeled.com/sn/pr/2045745?zoneid=2045745&jp=_cl11s398bjtspi4f36omed&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=2zVaDCpaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=6306159366327296&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&de=0&cs=5&bp=1&pid=__clb-2045745_1&freq=0&uf=0 HTTP 302
  • https://coosync.com/sn/c?zoneid=2045745&pid=__clb-2045745_1&freq=0&srp=gcUy7D3TaNHM--YbTjOSQfdFdhuUfexsh0bRJMDioHQmsP263xK8Q1cpYPEmE_4I7dbS1MGPlcOTUUcFq8GtV7NLdrgjIYccakYGZiWOowTo_Vmoh0uCk8keNkE5mA==&im=1&wcks=1 HTTP 302
  • https://shakingtacklingunpeeled.com/sn/ps/2045745?freq=0&im=1&pid=__clb-2045745_1&puid=0&so=1&wcks=1
Request Chain 64
  • https://img.bnrtrk.com/trk?s1=QgmRxgdbtwnpndqnSGfpWmMRrEKOqWLskp48lKDmHruXGdS0dKLbuFuTDA1xbtrZAhI1jYvI26Tg%2FmS50AapgASWAejMDsTKeqrcePaFMa0%2FgSthfYlmby91mIGJTFnvhnscntT0gQHISKp%2FtBwwf0LO7e4sRxacXcGvh3nCEiIuoxHCQKQwk6V%2BeL5iLrd8FYZB7NESxqteBsB1OcrCLL7jq%2Fia3A2RjvxR2H1coEbmnbZh9ThsTcdD3p%2BjCq3Ewd7Tdi80KlCCVwqiRL2LyvMv60H1cF0rNWs66%2BcBgyDZOTTNBe7HLhtdZxcrqWQ4CoQtSfgcKGLMUEne15GLmZrzhib6YiA%2F9zedGqiepfCgdUrD2JWgrbfNmus6sA4SANCGE12PI%2B1ealF6JlYtFDNC2N9GqfzYVF68Y%2BLAYY1Jo3vYj%2BvXNdagq5dhsUs3ZW3ZNwCVKzFKBXfls86GV48fapv0ucvc6qLeoI0hk3B1Hl4i5xdvLYYKw%2FF4A%2B8V%2F4HX2Oo%2FI7XOTvix4hMbvDusvJ8fMf3uFyfI0VjIJGA%2BLcdOf%2FES7AF0D7DSw35oDYz2Nkubwz8cT%2BvyxgjWFh1uWXxxvbEyNRou3f%2BFN8QpWIBnS2xmIyAWr%2BqDjnPHAiscBWLG4WHjamjo6pj4TTxxM3E9WGkBVKgS5AsLdwJc5ZcDmsTG942708Ql006gJ3kX2d5bbxBtTG%2B4QSCBxcIrKgXT&type=1&brid=PB08-0HN7THBI1TKHTEE8R&nrid=2595015348ab83bcb17d23735505b7e3 HTTP 302
  • https://static.imghst-de.com/26e95e80-c46d-4a2c-b65d-88b78bc43d06.png

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.1guy2slugs.com/
Redirect Chain
  • http://1guy2slugs.com/
  • https://1guy2slugs.com/
  • https://www.1guy2slugs.com/
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9837fd1dd3b89ca722cfcfb0f9ad9a1f52cf2d142a971465fb0a068350617e8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1283
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f739e68a93a18ff-FRA
content-encoding
zstd
content-type
text/html
date
Tue, 24 Dec 2024 21:17:33 GMT
last-modified
Fri, 29 Nov 2024 16:39:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUzeaG%2BGkWXms3hVT6BMQKM5wjxV2VDjcfwVwdX6DViPYWZRBK2v94%2F%2BpqFnTt8sQ%2Fbl5I4chOQ5gaaSoDTNf7fukgohJosO36%2B%2B2YHNIQYV%2Bk8mrx%2BE9RAJrUY4MC86wLJTsMA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=35754&min_rtt=33352&rtt_var=7022&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5246&recv_bytes=4970&delivery_rate=488&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=630&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-cache
HIT

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f739e669ff918ff-FRA
content-type
text/html; charset=iso-8859-1
date
Tue, 24 Dec 2024 21:17:32 GMT
location
https://www.1guy2slugs.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sM2WAeAhXY5q%2BfxArCMq18PEuxrTNVzSr%2F%2FyaVnrwGUQL971NXrpAAKSKjCpYMq3K3qIb%2BFbcIvsvJHwGZ8QfrpkvAZXMuRqBn%2BbERkzu81G9qrKBTVksznZVW3%2Bcnd2dw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33763&min_rtt=33352&rtt_var=5580&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4151&recv_bytes=4487&delivery_rate=474&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=311&x=1" cfExtPri cfHdrFlush;dur=0
x-cache
MISS
bootstrap.min.css
www.1guy2slugs.com/css/ 		126 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/css/bootstrap.min.css
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dc3d97540a131d5c0ac6ce076638161ba4f4cb087f0a6a1bd99b7f28055fb3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e78-1f68a"
age
6146504
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vh26uJ0oFhwezBG4Tda%2F5TKWX7uIaB%2BCRdq%2Bt%2B%2FkpjnpxPusFksu8QOZ2DynO2xb4vxhVTAzQnYcdxeDJjibg8fWpEfR9xtnDiCz%2FKVhlROPfR8PI9BZBLzPVKo4yKw8AAX9hrM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=26&recv=22&lost=0&retrans=0&sent_bytes=16317&recv_bytes=6779&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=686&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/css
last-modified
Tue, 07 May 2024 19:18:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6a9a9c18ff-FRA
server
cloudflare
freelancer.css
www.1guy2slugs.com/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/css/freelancer.css
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44ecd29e64831e87b0e5e0c6ece9da64d647e7578974e1f0555fb771fe2a3de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e78-215d"
age
6046682
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNimyyc5EW7jC0f%2FFA%2Fix9FLY6L8Hi1H8TBE9rJl38wrjJYif2F5Jw5b0EOWAAZR5L2GFp5ckv0OEV6jQ2JLpnXAU%2F4qfp5hMhB4Ts9etn90VXZVNO0EXncfLDA%2BxJD8rzc6DDY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=36&recv=22&lost=0&retrans=0&sent_bytes=27184&recv_bytes=6779&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=688&x=1", cfExtPri, cfHdrFlush;dur=31
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/css
last-modified
Tue, 07 May 2024 19:18:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6a9a9e18ff-FRA
server
cloudflare
vid.css
www.1guy2slugs.com/css/ 		231 B
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/css/vid.css
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b5c046ce4835b4ac07d28739436bcc80b7afd8fb93c7838a8ea7b34d0f02e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e79-e7"
age
6046682
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3qeMEwBnJJHvbYD9hDgEu6hIa6LuCKyxCKSmPz8cSgPYwc02%2BsW%2B3H2Rrmn7xispz%2Fn3X0QSHreABtvCPq0QBjoAjOTAMhmDpOcJi%2FE0VNvqCJhiQ8Unh5GJYtiZp5n8V2Penk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=36&recv=22&lost=0&retrans=0&sent_bytes=27184&recv_bytes=6779&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=686&x=1", cfExtPri, cfHdrFlush;dur=33
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/css
last-modified
Tue, 07 May 2024 19:18:17 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6a9a9f18ff-FRA
server
cloudflare
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"bbfef9385083d307ad2692c0cf99f611"
age
2318375
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:17:33 GMT
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
09/24/2024 08:54:47
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fa1e3655f963e1d38f1f5a902ab9ed37
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8f739e6ad969bbb6-FRA
access-control-allow-origin
*
cdn-edgestorageid
718
server
cloudflare
cdn-requestcountrycode
US
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
9c143b0d49c00d71de9414d8461e0c25b400fcff8fa9c7386ecc10d64a69b309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 21:17:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 20:01:37 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		3 KB
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
638e0a9696a1287622b2881fce4aa2450101d9f7e29cb7811fb4c737a4e7e8e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 21:17:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 21:17:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-32.muc50.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
371
via
1.1 39665d11bf385fb9aabc991f857b37dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Iek0eZKcFuOKefXrRSmzLEBW3y-ChDxZvyp9l3uFpFCsubaaWfBfvQ==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Tue, 24 Dec 2024 21:11:22 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
MUC50-P5
x-frame-options
SAMEORIGIN
code.js
bankingbloatedcaptive.com/lv/esnk/2045743/ 		160 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankingbloatedcaptive.com/lv/esnk/2045743/code.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
6ea22da24d8339bc9b0b43809294be93d862607c573646b067a297497e7fdaab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
W/"676ad45e-281ec"
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2
current
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Dec 2024 15:33:50 GMT
server
nginx
vary
Accept-Encoding
1guy2slugs.jpg
www.1guy2slugs.com/videos/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.1guy2slugs.com/videos/1guy2slugs.jpg
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8055fdfa31d93e282bd0a84caa95e7532e61f6448dd53337307bf89ed8e0af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cf-cache-status
HIT
etag
"663a7e7e-9b4c"
age
6061141
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Skf8Gtxbg9bf2OgrV%2B4dl006%2FXV547SQRg2Fk%2BXZUtjZ7ciMBSTZmKLIGN3RQtgfBIhGpygOsrKHc2oO%2FYwfRDBzud3Zr7WZ%2BuAYHVSf8ZK7eSWaf9wJJATwZwqyFNCB1u7zTM0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=36&recv=22&lost=0&retrans=0&sent_bytes=27184&recv_bytes=6779&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=688&x=1", cfExtPri, cfHdrFlush;dur=31
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
image/jpeg
last-modified
Tue, 07 May 2024 19:18:22 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6a9aa118ff-FRA
accept-ranges
bytes
content-length
39756
server
cloudflare
asyncjs.php
personaserver.com/ad/www/delivery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://personaserver.com/ad/www/delivery/asyncjs.php
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.14.184 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1261651.cloudwaysapps.com
Software
nginx /
Resource Hash
1b769659a90f6aaa2fb8b37d6019fd5a30762eb755a023c3d1847df2cd014c5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

expire
Tue, 24 Dec 2024 22:17:33 GMT
cache-control
private, max-age=3600
content-encoding
gzip
etag
f116a80283227f59f32d63a80904742d
access-control-allow-origin
*
content-length
1942
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
nginx
code.js
shakingtacklingunpeeled.com/lv/esnk/2045745/ 		160 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shakingtacklingunpeeled.com/lv/esnk/2045745/code.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ac70158e8b3c49236ad10a9eed64c6f00c96f2421fafd062c300e4aca17c9724

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
W/"676ad45e-281ec"
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2
current
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Dec 2024 15:33:50 GMT
server
nginx
vary
Accept-Encoding
email-decode.min.js
www.1guy2slugs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675fc4cd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBdfeyWMz37yYUR70dVARM13NQX1u0hzignvzzmEWK%2FY7pZuw19YcmeVc6Xr%2B30PHAiFtrwyWEBEngdwra1yylmfaQDWzlcFIGTILkaDZBbO5VQP6jWFB9GIKIXkQqgsJCEViI4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f739e6a9aa318ff-FRA
expires
Thu, 26 Dec 2024 21:17:33 GMT
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 06:12:29 GMT
server
cloudflare
vary
Accept-Encoding
jquery.js
www.1guy2slugs.com/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/js/jquery.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87981e8062814ca279922ee55276ad14bbdc29649f98e34b2d83c3afb5052a51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e7d-1762c"
age
6146504
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79gggVofwOIJxWuSnb8EE9xB2%2F0rHaTbRCE77jqU7vcAce%2FLlEvc1f6ON8vuf8ZVVxlPYQ%2FzTLgdoOEZtxsQo7M3pxCwe18CcVqqmhtDT4TFPjL2RpLl7FEeSsz6S5EduwCv1Sc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=39&recv=29&lost=0&retrans=0&sent_bytes=27253&recv_bytes=8877&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=698&x=1", cfExtPri, cfHdrFlush;dur=21
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 19:18:21 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6aaab418ff-FRA
server
cloudflare
bootstrap.min.js
www.1guy2slugs.com/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/js/bootstrap.min.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e7c-900a"
age
4287377
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3qVtq8MswUcbHxYDtcfEqmcFZwlF109tRp1AwHTRHgt5%2FLUAk9lAk4vw6epuoGVKW8kPzFK7bAACHU0vPyU4XOPe7UESa05jofpxH9lV4KjAJa4cG2wPNoEnkjckHWMQwLNExmw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=39&recv=29&lost=0&retrans=0&sent_bytes=27253&recv_bytes=8877&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=705&x=1", cfExtPri, cfHdrFlush;dur=14
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 19:18:20 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6abab818ff-FRA
server
cloudflare
jquery.easing.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec1-15b3"
age
1022417
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2Bm1TLrdkge%2BLmNa67dM7bOj4hDI5VYkOZ4jDIkGl30RtsInH%2BKuuFC1ZR9Ay9xfeBhMr1LG2f9GIoERk9RYLcSZpZt%2F0FBdwyeBRPCeAG2VthzrlaqmvMAvOR8eWMmko1eQ1wOe"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 21:17:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:45 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f739e6aee913a64-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1507
server
cloudflare
classie.js
www.1guy2slugs.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/js/classie.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ea9310d72e37fe799d48ae3fc43dcb53e3db7c4ae13763d4c5b893f6ceb64b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e7c-77b"
age
6146504
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6P4Ih%2Bddayyiu1SDXKujY6k1ml%2BLBGQxQmWA63SvylBNYOn9rgedrPKXmGhFuosetsE6VGdceREmCi9pn7oxN4qJeNH3yfCr5R95O3zJw3sgYfUy9cSy%2BEKP%2BGFN%2FyNpNfYT3gk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=39&recv=29&lost=0&retrans=0&sent_bytes=27253&recv_bytes=8877&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=702&x=1", cfExtPri, cfHdrFlush;dur=17
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 19:18:20 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6ababb18ff-FRA
server
cloudflare
cbpAnimatedHeader.js
www.1guy2slugs.com/js/ 		920 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/js/cbpAnimatedHeader.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fc7824397bca2515a17ade7c97a4f5122c1b2b6dfa218e133749e3c00a8321

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e7c-398"
age
6046681
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldF3xi36alLNtqRRm0wNrWSOq8DFwaaYfF0rWctGiqBTBL8UZo4MjqpKChXl7SMsw6caOpaUSOttxW9tv8ztTCyQNuhItG2Mbt6SyZkJcRq5LxrB2WsZ89rjn1VHqFTPfcsn6VQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=39&recv=29&lost=0&retrans=0&sent_bytes=27253&recv_bytes=8877&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=702&x=1", cfExtPri, cfHdrFlush;dur=17
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 19:18:20 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6ababd18ff-FRA
server
cloudflare
jqBootstrapValidation.js
www.1guy2slugs.com/js/ 		36 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/js/jqBootstrapValidation.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c5c917781b8de3fb0adeb2164d9835c7af890745ae9691f242496ae80d8b434

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e7c-90e4"
age
6061142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eyslhZwSrfe75OJyNC9hOySv%2F7gQyQ40IZyWhkzK6vHUA53WQrmPVqgmeKzCuJaDHuWzS6QSLBzZsqpgK9dZXe8vnWoer5%2BPHFbTx%2BX7fIcLgYpENQP0IidmGaAWo1nYx2r8udo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=39&recv=29&lost=0&retrans=0&sent_bytes=27253&recv_bytes=8877&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=701&x=1", cfExtPri, cfHdrFlush;dur=18
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 19:18:20 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6ababe18ff-FRA
server
cloudflare
freelancer.js
www.1guy2slugs.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/js/freelancer.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a61274f554a947bca8d16b24cfe44192691951358dc714224247cc9727101f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e7c-951"
age
6061142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9cMNFC%2B0ox4H5DjB%2F761XVL49z8CSCwE6E3CJfRpkrWWiln1KKKaPXjRZN53RXH5q1%2BmgRlVWZ8EzhjfBzVpiyE6m6SDDafRLCyzYR7A2VV7Qi0JgwrB%2FU7VpgfXcoGU%2B5XoT0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=39&recv=29&lost=0&retrans=0&sent_bytes=27253&recv_bytes=8877&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=702&x=1", cfExtPri, cfHdrFlush;dur=17
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 19:18:20 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6ababf18ff-FRA
server
cloudflare
script.js
www.1guy2slugs.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/js/script.js
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939dde291d2b2c099ebadda6e2ee49c6fe3df9fe5e84ca69b9e7c3529bf97443

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"663a7e7d-410"
age
6146504
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xu9jRGpDXMn8q6FEHnqckf65ULaZE1VjpD8FTkIpLAJYRDhmmoWwYcDnz%2FaCjISboeszrcCtV9%2Fx0XE76D85HIbMBmYtDLka2LYkzCydyxvNADoNq7yEQLXR242A0q0lbejPSso%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36090&min_rtt=33352&rtt_var=5122&sent=39&recv=29&lost=0&retrans=0&sent_bytes=27253&recv_bytes=8877&delivery_rate=296556&cwnd=12000&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=704&x=1", cfExtPri, cfHdrFlush;dur=15
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 19:18:21 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6abac018ff-FRA
server
cloudflare
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YXKKZ3ZRF1
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8f592f1eb4bb0410cc4ec3b044f9d1121da2c9ef7ed0b284bdb22f212961c1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 24 Dec 2024 21:17:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109872
x-xss-protection
0
server
Google Tag Manager
ps.js
zctyu.nxt-psh.com/ps/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zctyu.nxt-psh.com/ps/ps.js?id=Bbj8aUic5kq_18ybnBc4XQ
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e7788851443d65c759000e9ae6a20b751ae40ff865c5ebe8af99cb521363b2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Zrmm7SU6ggRQB8NZ5lEG6ssEJopmfy8sktjF5VXQK%2BesQGJWoAeXAbcnahJK2JGllpn7wPwFsUJIdrJGZd2rffxSGRVreUDavdXbaBpELfGnc5twULYv2ZKtevaSWLnylMgQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f739e6aff7e1d9e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33267&min_rtt=33146&rtt_var=12516&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4279&delivery_rate=94069&cwnd=12000&unsent_bytes=0&cid=ea7152ec1787c958&ts=68&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
ipp.js
zctyu.ujscdn.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zctyu.ujscdn.com/ipp.js?id=5TAcFNeuAEKJa2JqeuLiYw&sub_id=
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94ccb6122d7e80c0460910bda8af5f5acefe86ea1c9616a4e6124728e8f7f5d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vl9OhudpK76XSDqLJLZ7qjNvt9RGzfchXP5Bgn58yGCu3iHxGcU5nFSHy7zn3tt8CP3JuZBdCJUeMZ4lfvkGQTSQwGsmdiZJVAiG%2Bbrc7m0hYMCr2FYVFehmDQ5h3yXrllRl"}],"group":"cf-nel","max_age":604800}
cf-ray
8f739e6b0d1f366e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32954&min_rtt=32945&rtt_var=12372&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4191&recv_bytes=4284&delivery_rate=96117&cwnd=12000&unsent_bytes=0&cid=f11ee1a3a63b99a6&ts=67&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.1guy2slugs.com
Referer
https://fonts.googleapis.com/

Response headers

age
23760
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 14:41:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 14:41:33 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.1guy2slugs.com
Referer
https://fonts.googleapis.com/

Response headers

age
43438
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:13:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:13:35 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
1guy2slugs.mp4
www.1guy2slugs.com/videos/ 		65 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/videos/1guy2slugs.mp4
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.1guy2slugs.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
etag
"663a7e82-b49818"
age
6146503
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvLXb6hK7hij5OC83onQ3oAZAbU0OBN1l7hmaZeDzHTOcCsBjGlPDHDK9i%2F0QwpVQBfgqeZ6n43HSNuT7Y6S0Lfw2FxVCmHWPGM0zNXxtk1h2x8tlcGUQiX6llTo0BjHtBWTK4M%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37755&min_rtt=33197&rtt_var=5035&sent=146&recv=73&lost=0&retrans=0&sent_bytes=141854&recv_bytes=11067&delivery_rate=1302207&cwnd=68400&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=881&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
video/mp4
last-modified
Tue, 07 May 2024 19:18:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-11835415/11835416
cf-ray
8f739e6bdb8818ff-FRA
Content-Length
11835416
server
cloudflare
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.1guy2slugs.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"fdf491ce5ff5b2da02708cd0e9864719"
age
10404228
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
font/woff
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat
10/31/2023 19:27:07
cdn-cache
HIT
cdn-requestpullcode
200
priority
u=0,i=?0
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
13f6cf80dc4364e53a7b127c4422f414
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8f739e6bef063a64-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
83760
cdn-edgestorageid
940
server
cloudflare
cdn-requestcountrycode
US
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.1guy2slugs.com
Referer
https://fonts.googleapis.com/

Response headers

age
456885
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:22:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:22:48 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
config.js
zctyu.ext-jscdn.com/ps/ 		364 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zctyu.ext-jscdn.com/ps/config.js?id=Bbj8aUic5kq_18ybnBc4XQ
Requested by
Host: zctyu.nxt-psh.com
URL: https://zctyu.nxt-psh.com/ps/ps.js?id=Bbj8aUic5kq_18ybnBc4XQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BWaxaC19ncLV4NDOgs1eRrkSFeKsoARo317RhmzyCFB3XOt8NDkN1GsSbbCWf8TjHFih2tXsDecrh9uK5DFBpj54lcFJnn0wbCWIeWHDzLKxMvgGL%2Fmip%2Fi3ZkMXQ1tEhEWpEHh"}],"group":"cf-nel","max_age":604800}
cf-ray
8f739e6c5b82d412-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36669&min_rtt=36640&rtt_var=13798&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4205&recv_bytes=4261&delivery_rate=88130&cwnd=12000&unsent_bytes=0&cid=c09d2d4c912beeda&ts=64&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
654866fe2398960013d90125.js
buttons-config.sharethis.com/js/ 		794 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/654866fe2398960013d90125.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-86.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeba9a76702847da92d2712f1f3443f841b62f7cef71dc34ca57d5c4b30e2f27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
cache-control
public, max-age=60
etag
"ad51c49696af3765b73127b35142075b"
via
1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
794
x-amz-cf-id
KCFSgjLc6HCa15lyFPXCOPLbwYGC0mJXhKDZdzNiDJtlQoO5HDbjtA==
date
Tue, 24 Dec 2024 21:17:34 GMT
content-type
text/javascript
last-modified
Fri, 22 Dec 2023 05:25:55 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
/
invalid/ 		0
0
/
invalid/ 		0
0
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.1guy2slugs.com&location=%2F&product=sop&url=https%3A%2F%2Fwww.1guy2slugs.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=1%20Guy%202%20Slugs%20%7C%20Nobody%20loves%20slugs%20more%20than%20this%20guy!&cms=unknown&publisher=654866fe2398960013d90125&sop=true&version=st_sop.js&lang=en&description=Why%20does%20this%20guy%20love%20slugs%20so%20much%3F%20Watch%201%20Guy%202%20Slugs%20to%20find%20out!&ua=&ua_mobile=false&ua_full_version_list=&uuid=d143fc67-b0ad-44ea-850d-bed77559e026
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.92.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-92-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.1guy2slugs.com
Date
Tue, 24 Dec 2024 21:17:33 GMT
Access-Control-Allow-Headers
*
1guy2slugs.mp4
www.1guy2slugs.com/videos/ 		70 KB
71 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/videos/1guy2slugs.mp4
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
378d3cea57efa39c632402666131c4b3847da8681d89a777e7593ce501a1af76

Request headers

Referer
https://www.1guy2slugs.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=11763712-

Response headers

cf-cache-status
HIT
etag
"663a7e82-b49818"
age
6146503
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqKQX4NCqv91HvOXwtbZaInX5WmfLFRynr%2FHo0pxRdN05FunvunynLNJnrZ0S2fOSF%2FZdE6VmZQZC3JWFwjCaHY0Us0SbDQjHzbshl%2FGcDjll0L2xX9d0JYLBvW4%2Fl%2FlsBZ2Cts%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38044&min_rtt=33197&rtt_var=2474&sent=552&recv=115&lost=0&retrans=0&sent_bytes=625165&recv_bytes=13672&delivery_rate=5573693&cwnd=261600&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=1016&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
video/mp4
last-modified
Tue, 07 May 2024 19:18:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 11763712-11835415/11835416
cf-ray
8f739e6cac3618ff-FRA
Content-Length
71704
server
cloudflare
/
invalid/ 		0
0
/
invalid/ 		0
0
check.html
bankingbloatedcaptive.com/ Frame EA55 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bankingbloatedcaptive.com/check.html
Requested by
Host: bankingbloatedcaptive.com
URL: https://bankingbloatedcaptive.com/lv/esnk/2045743/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.1guy2slugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 21:17:33 GMT
etag
W/"67618a07-39e"
last-modified
Tue, 17 Dec 2024 14:26:15 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-js-ab
current
check.html
shakingtacklingunpeeled.com/ Frame 894C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://shakingtacklingunpeeled.com/check.html
Requested by
Host: shakingtacklingunpeeled.com
URL: https://shakingtacklingunpeeled.com/lv/esnk/2045745/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.1guy2slugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 21:17:33 GMT
etag
W/"67618a07-39e"
last-modified
Tue, 17 Dec 2024 14:26:15 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-js-ab
current
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YXKKZ3ZRF1&gtm=45je4cc1v9170303551za200&_p=1735075053428&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2123854600.1735075054&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735075053&sct=1&seg=0&dl=https%3A%2F%2Fwww.1guy2slugs.com%2F&dt=1%20Guy%202%20Slugs%20%7C%20Nobody%20loves%20slugs%20more%20than%20this%20guy!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1003
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YXKKZ3ZRF1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.1guy2slugs.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/plain
server
Golfe2
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: zctyu.nxt-psh.com
URL: https://zctyu.nxt-psh.com/ps/ps.js?id=Bbj8aUic5kq_18ybnBc4XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
age
537543
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:58:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:58:30 GMT
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
9308
x-xss-protection
0
server
sffe
2045745
shakingtacklingunpeeled.com/get/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shakingtacklingunpeeled.com/get/2045745?zoneid=2045745&jp=_cl11s398bjtspi4f36omed&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=2zVaDCpaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=6306159366327296&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&de=0&cs=5&bp=1&pid=__clb-2045745_1&freq=0&uf=0
Requested by
Host: shakingtacklingunpeeled.com
URL: https://shakingtacklingunpeeled.com/lv/esnk/2045745/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
28fd1f80f34f593e427985c5f522742836b034a5c0b8aaafb037acdf79f50265

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

timing-allow-origin
*
x-route-id
config
content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
2045743
bankingbloatedcaptive.com/get/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankingbloatedcaptive.com/get/2045743?zoneid=2045743&jp=_clwoslijg5qmcusd0zcl1e&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=OX5GHXhaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=113709878710784&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&de=0&cs=5&bp=1&pid=__clb-2045743_1&freq=0&uf=0
Requested by
Host: bankingbloatedcaptive.com
URL: https://bankingbloatedcaptive.com/lv/esnk/2045743/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
eef083f7b7f88a2efb53c1a75ed1f9991649525791aedaafff1b4fe290b0421f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

timing-allow-origin
*
x-route-id
config
content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
2045745
shakingtacklingunpeeled.com/sn/ps/ Frame CAD5
Redirect Chain
  • https://shakingtacklingunpeeled.com/sn/pr/2045745?zoneid=2045745&jp=_cl11s398bjtspi4f36omed&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn...
  • https://coosync.com/sn/c?zoneid=2045745&pid=__clb-2045745_1&freq=0&srp=gcUy7D3TaNHM--YbTjOSQfdFdhuUfexsh0bRJMDioHQmsP263xK8Q1cpYPEmE_4I7dbS1MGPlcOTUUcFq8GtV7NLdrgjIYccakYGZiWOowTo_Vmoh0uCk8keNkE5mA...
  • https://shakingtacklingunpeeled.com/sn/ps/2045745?freq=0&im=1&pid=__clb-2045745_1&puid=0&so=1&wcks=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://shakingtacklingunpeeled.com/sn/ps/2045745?freq=0&im=1&pid=__clb-2045745_1&puid=0&so=1&wcks=1
Requested by
Host: shakingtacklingunpeeled.com
URL: https://shakingtacklingunpeeled.com/lv/esnk/2045745/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.1guy2slugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 21:17:33 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
cookie.user_id.pre_sync.final

Redirect headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-length
143
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 21:17:33 GMT
location
https://shakingtacklingunpeeled.com/sn/ps/2045745?freq=0&im=1&pid=__clb-2045745_1&puid=0&so=1&wcks=1
server
nginx
timing-allow-origin
*
x-route-id
cookie.user_id.sync
f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
cdn.bncloudfl.com/bn/f62/b4e/976/ Frame C6AE 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.35.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a544b7c58fc06025c7b2b01efe063d4696c156e151b69adbd474fd3ac494f65c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj
imgq:100,h2pri
etag
74a541d2091f43b307851f0d4775f2bf
age
95338
cf-cache-status
HIT
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
expires
Wed, 25 Dec 2024 18:48:35 GMT
x-proxy-cache
HIT
cf-polished
origFmt=gif, origSize=247759
x-trans-id
tx2e3e557d233f4821aa4e2-0066cf31b5
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
image/webp
x-openstack-request-id
tx2e3e557d233f4821aa4e2-0066cf31b5
vary
Accept
x-cdn-host-id
ds7288,ds5859
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
content-disposition
inline; filename="f62b4e9764dc8773e43ebe6953f765d5c8909ef0.webp"
priority
u=3,i
cache-control
max-age=432000
last-modified
Fri, 24 Nov 2023 15:27:26 GMT
x-timestamp
1700839645.52635
cf-ray
8f739e6e0c9d3661-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
130096
server-timing
cfExtPri
server
cloudflare
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: zctyu.nxt-psh.com
URL: https://zctyu.nxt-psh.com/ps/ps.js?id=Bbj8aUic5kq_18ybnBc4XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
age
44064
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:03:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:03:09 GMT
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
9934
x-xss-protection
0
server
sffe
cdd1f368fbb21f7501938076b93a2c1bf45e1c8e.mp4
playhubconnect.com/bn/cdd/1f3/68f/ Frame EFE6 		930 KB
930 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://playhubconnect.com/bn/cdd/1f3/68f/cdd1f368fbb21f7501938076b93a2c1bf45e1c8e.mp4
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.14.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f445f679e332a761edb3d189f958cb42fef3ea6bc772724cb5ea8f24239df4

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
etag
"e6df24372b5208d50c53f1c6b0037279"
age
540292
expires
Fri, 27 Dec 2024 21:17:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:17:33 GMT
content-type
video/mp4
last-modified
Wed, 11 Dec 2024 15:12:04 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
gSS5H6Szlezi2RsJfV0YjokQlD9G9rpIzPIKHjS5g3EXmcsGbw5tT6JquLJcJ4AVn/K6Lxxh1P0=
cache-control
public, max-age=259200
Content-Range
bytes 0-951861/951862
x-amz-request-id
H0NVEE8THXDK3R8M
cf-ray
8f739e6e29d43667-FRA
access-control-allow-origin
*
Content-Length
951862
server
cloudflare
x-amz-server-side-encryption
AES256
chicken.gif
shakingtacklingunpeeled.com/ Frame C6AE 		43 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shakingtacklingunpeeled.com/chicken.gif?z=2045745&pid=__clb-2045745_1&pb=1631e9b157bc22d90fa7a2990e63fd691735082253&pbc=cOClESfwUYMNQWtn&pbu=hL3krHZQ2swNQWtn&psp=GevKL4H31wz2ch2vHUUN8Rc6gOQNqcgFRBfRnZWvCpSxi---C5Q7XmaHrNlKrNQAGXPAjCaZl7BvtO7U13lGFj64Gcvr-V_RuCwGH27mq3FpqeFe4UW-Sntfg8dmVRZVQSBKxLVqYd0AyJRdA_BJpe3wVyPsyNICjMHP0fYU9jzqZtGqGR3elXgLw8mTXNs-hsmAyOnl3AFHydHTyhedsTMUgX8rv9l60JAX6BgoGUmFrpnLMU32Eh6cw4Jf6tsQep0m2jUJaCUjDDUqRVUQ-1gRyOkrA1M_ED9HnwiwsulaFLoqbaDkjkYoo5HFsZglcd7dhntBcuinxpT_Ra8ZAURhe2pZRzNijUgzy78s_wLY4DByIJbdw2VVhRMj-HQfZLpuFt5O07vi6PjL5tq_EwVdlO__Kr2zVrXSsn6UUuPvfGKbwOKg2XPRcQhs7yBvTcwL4Wn3SXQZbNHxRD915D38NFpDLcHREUJNYQrGCRzilYse1dudb3yRyvmVsWGRZFFEFwzuE_NQYiE0-2ICtlG8GwrO7yYu1kKbAVUsyQwI-557N8i62BUCDOBvNx0ay0cWFptgyrpcCL8EjUwR-xkupHFFR0FGRpLKG2phLsktHR4Y5UudxYZcAHGHEtfANYpKaGh41G7ToSNFcNMtqLl6Q8GHpfXPJPpYXd8tL-1QNaunVWKr4JH1q7SzP5h8UFb1oTIqrX6B78jR7hP-NfFhcu4fO2Ulh7g0l29-FdnzY37RbP4fialxpe2Jk_0jMOOJ8ryUxxRI8izB87PO8Rpfydib-OnWXj72pj9Ez_Ltw1mRo8GDYIpi2ibrne6kqFoKf_aKp5dMqQ5GKoDFi3CB5tiw28zoIlkwjgaZFnl9EmviQSKQCzHpI7rWx-LwX6TLuN1TOmsdeOFSgadsRvWwUWiOH8NUsE0nmei5pDFZ-vwE601lWUje8FSdzB0=&freq=0&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=2zVaDCpaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=6306159366327296&dl=10&rtt=100&eclog=0&snc=0&ssc=0&tp=288230376151711740&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=2zVaDCpaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=6306159366327296&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&de=0&cs=5&pload=247&bp=1
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-route-id
stats.impression
content-length
43
date
Tue, 24 Dec 2024 21:17:33 GMT
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type
image/gif
timing-allow-origin
*
server
nginx
chicken.gif
bankingbloatedcaptive.com/ Frame EFE6 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankingbloatedcaptive.com/chicken.gif?z=2045743&pid=__clb-2045743_1&pb=1631e9b157bc22d90fa7a2990e63fd691735082253&pbc=cOClESfwUYMNQWtn&pbu=hL3krHZQ2swNQWtn&psp=ssFj9nA2TzWAs-NFHxddSnhXWB3J_p87ez6we2mAlHhZ-OO4a5rHAAM2mxRbjctGO0ycZnLVTtG3WSRXObzL4BhfCENqM_l9bQElw_mTcs_l3Hmz903XH1tVeeHmMXsW6bS5kI4lHKZ_TTa5JHOJdYNuaf3-kFnnMFiP5uKnmIfNz9ussfgh8ZA6--SmAqXKjWziIe68moPE_NocOkKIpZq-jCycwYYsZY1epN8xBeEQglOZz-_fIk3MHraAvat56XAcrNyN9wsrjUOuxUtl6-fA8BVTa3w5UrSCwctbyBCYWDXrjOs7IhGvmUvi7jqrYpcofe3sjhynz1PckgzTP88r_va3wS1V4yPsPDiv1KH05BSsl2F1RDWpm8MDihDVlNfKLr-3893CumUXY8028k9F8aKlndZn7W3n00FyhMFzWDXkcPS-Q5PIPzQI33VP-lEGCKwyRkbaKeJABd0n_MhRECyJ8-a2jXMD7qPf86fOZkOuDlzBj1EOxb5RvB7PSasoWGpNrxe0bPm2Q0oeXc_hhG95hDKmiB6QCZuNwBVPHOpPleyzENFfVcq4deQoDWK21E5GSx2CYTyi83W90jRpHM7zRt0m1JUhiwGOfrbXHTqCKxRJdC8tWCNBL2SxJbMLXsvmnOdCZFalLEA1I5wccK5UahqvHAd1hGr8-XInXs31ULyFSe-7CFB9R_kqUVg9gxO4Dx8oUNylfCSZSWTeI8fVyr7z5RdHf6URS9y06P4ZkvZWoxDhScwWtOxvFMY_ip0=&freq=0&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=OX5GHXhaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=113709878710784&dl=10&rtt=100&eclog=0&snc=0&ssc=0&tp=288230376151711740&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=OX5GHXhaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=113709878710784&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&de=0&cs=5&pload=219&bp=1
Requested by
Host: www.1guy2slugs.com
URL: https://www.1guy2slugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-route-id
stats.impression
content-length
43
date
Tue, 24 Dec 2024 21:17:33 GMT
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type
image/gif
timing-allow-origin
*
server
nginx
asyncspc.php
personaserver.com/ad/www/delivery/ 		0
0
get_counts
count-server.sharethis.com/v2.0/ 		507 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.1guy2slugs.com%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-12.muc50.r.cloudfront.net
Software
/
Resource Hash
080a21107085301d48ccd336c3fe34385690916b8b10cd211731abb42bef859d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
etag
751509d2c1c148399d89cc1cfa8fb589
age
28009
via
1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
apigw-requestid
DTGc-j9JIAMESkw=
x-cache
Hit from cloudfront
content-length
507
x-amz-cf-id
QVtZ4Qi_nPVf8JjBY247ENP_-qio8imR7d6Z729iALps-aWVhtlDiQ==
date
Tue, 24 Dec 2024 13:30:45 GMT
content-type
text/javascript
x-amz-cf-pop
MUC50-P3
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

etag
"c6e9be45643e197ce1db1d7e24a99adc"
age
1445137
x-cache
Hit from cloudfront
x-amz-cf-id
JUb5AEeJQ8fyit52IfCTZalS8KpKcsluZi47J4xj6aVY6teUI_N21g==
date
Sun, 08 Dec 2024 03:51:58 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
301
x-amz-cf-pop
MUC50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
twitter.svg
platform-cdn.sharethis.com/img/ 		368 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
etag
"2deb3d5121d475d195577a70b0a91a0c"
age
231
via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
368
x-amz-cf-id
9uD9MV0lxlJow7dlJ7D2QLic4sQNLv6LY_8QpFQM70_NBkl2kjjXQA==
date
Tue, 24 Dec 2024 21:13:45 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
email.svg
platform-cdn.sharethis.com/img/ 		343 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

etag
"5977437466e857c7ddcadda6f6d88c2a"
age
2549497
x-cache
Hit from cloudfront
x-amz-cf-id
CDmc4ZonmE4lv7EmqtOgNw4il6mBjZQafijN-jl4hzsUJlo0btzS8A==
date
Tue, 17 Dec 2024 03:41:46 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
343
x-amz-cf-pop
MUC50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
etag
"deecdaa377907db5cc1722fc831670a1"
age
2344564
via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
514
x-amz-cf-id
zYOfQzHpc6_dw64YqyZzQnvuCE_D04mK8uEWfXyrYvoryZPF54NRlQ==
date
Wed, 27 Nov 2024 18:01:31 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
favicon-32x32.png
www.1guy2slugs.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.1guy2slugs.com/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb5496f55b026bfcf4fa21308b923d48d10437996deb45e94f9740c6331b335

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.1guy2slugs.com/

Response headers

cf-cache-status
HIT
etag
"663a7e76-4c4"
age
6046679
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TH8i0W7y0MAIuvkm4iNpJa9RzdFX9RoX8i9qntWNfEzqf83xAKK5yFnYptRUbgVKTRlP7pjTWZDvmIrnS1o8Vfs8ISo2o5X2CfqkAXwSRb0D9B4YD0ZvCkWN4kld%2FTAKtdxCZM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35415&min_rtt=33197&rtt_var=1278&sent=618&recv=130&lost=0&retrans=0&sent_bytes=700992&recv_bytes=15372&delivery_rate=33341&cwnd=261600&unsent_bytes=0&cid=ca02f33bcf2c1164&ts=1478&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:34 GMT
content-type
image/png
last-modified
Tue, 07 May 2024 19:18:14 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e6f8e1e18ff-FRA
accept-ranges
bytes
content-length
1220
server
cloudflare
whob.gif
bankingbloatedcaptive.com/ Frame EFE6 		43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankingbloatedcaptive.com/whob.gif?z=2045743&pid=__clb-2045743_1&pb=1631e9b157bc22d90fa7a2990e63fd691735082253&pbc=cOClESfwUYMNQWtn&pbu=hL3krHZQ2swNQWtn&psp=ssFj9nA2TzWAs-NFHxddSnhXWB3J_p87ez6we2mAlHhZ-OO4a5rHAAM2mxRbjctGO0ycZnLVTtG3WSRXObzL4BhfCENqM_l9bQElw_mTcs_l3Hmz903XH1tVeeHmMXsW6bS5kI4lHKZ_TTa5JHOJdYNuaf3-kFnnMFiP5uKnmIfNz9ussfgh8ZA6--SmAqXKjWziIe68moPE_NocOkKIpZq-jCycwYYsZY1epN8xBeEQglOZz-_fIk3MHraAvat56XAcrNyN9wsrjUOuxUtl6-fA8BVTa3w5UrSCwctbyBCYWDXrjOs7IhGvmUvi7jqrYpcofe3sjhynz1PckgzTP88r_va3wS1V4yPsPDiv1KH05BSsl2F1RDWpm8MDihDVlNfKLr-3893CumUXY8028k9F8aKlndZn7W3n00FyhMFzWDXkcPS-Q5PIPzQI33VP-lEGCKwyRkbaKeJABd0n_MhRECyJ8-a2jXMD7qPf86fOZkOuDlzBj1EOxb5RvB7PSasoWGpNrxe0bPm2Q0oeXc_hhG95hDKmiB6QCZuNwBVPHOpPleyzENFfVcq4deQoDWK21E5GSx2CYTyi83W90jRpHM7zRt0m1JUhiwGOfrbXHTqCKxRJdC8tWCNBL2SxJbMLXsvmnOdCZFalLEA1I5wccK5UahqvHAd1hGr8-XInXs31ULyFSe-7CFB9R_kqUVg9gxO4Dx8oUNylfCSZSWTeI8fVyr7z5RdHf6URS9y06P4ZkvZWoxDhScwWtOxvFMY_ip0=&freq=0&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=OX5GHXhaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=113709878710784&dl=10&rtt=100&eclog=0&snc=0&ssc=1&tp=288230376151711740&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&nojs=0&abvar=0&febuild=1.0.448&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&ge=2&th=TVQ4BX2xe9UGUHgFwa9KB&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=OX5GHXhaHR0cHM6Ly93d3cuMWd1eTJzbHVncy5jb20v&afid=113709878710784&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chm=false&chmd=&chp=&chv=&de=0&cs=5&pload=219&bp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-route-id
stats.banner.view
content-length
43
date
Tue, 24 Dec 2024 21:17:34 GMT
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type
image/gif
timing-allow-origin
*
server
nginx
ippfeed2
zctyu.ajscdn.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zctyu.ajscdn.com/ippfeed2?id=5TAcFNeuAEKJa2JqeuLiYw&p=https%3A//www.1guy2slugs.com/&nrid=7b3c23146361c4c886185b480a56b6e7
Requested by
Host: zctyu.ujscdn.com
URL: https://zctyu.ujscdn.com/ipp.js?id=5TAcFNeuAEKJa2JqeuLiYw&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1f0fd1205e9deba25688059c881026efb2c72bba5d20a5c45e65ca0811ceea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
inppu
800307ae-7054-438d-82cd-b9714027ab5b
Referer
https://www.1guy2slugs.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
inppu
800307ae-7054-438d-82cd-b9714027ab5b
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VN2s1HhUfzLJ6VCt4wd74PaFVoKpsEUY6gO28qZAuuylHxmQizYjb3DJRLTWfKktrqM2dAlU43kq3e2jB1r2e%2FWaJ2u4hcBfIeu%2BUK1wr1y0z881WGg9VvIn9e2k3nxbe4BJ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34160&min_rtt=33710&rtt_var=5667&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2260&recv_bytes=4301&delivery_rate=470&cwnd=12000&unsent_bytes=0&cid=65b28bab18a1a114&ts=167&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 21:17:36 GMT
content-type
application/json; charset=utf-8
vary
Origin, accept-encoding
priority
u=1,i
cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
referrer-policy
no-referrer
cf-ray
8f739e80093e1e4d-FRA
access-control-allow-origin
https://www.1guy2slugs.com
server
cloudflare
ippfeed2
zctyu.ajscdn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zctyu.ajscdn.com/ippfeed2?id=5TAcFNeuAEKJa2JqeuLiYw&p=https%3A//www.1guy2slugs.com/&nrid=7b3c23146361c4c886185b480a56b6e7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
inppu
Access-Control-Request-Method
GET
Origin
https://www.1guy2slugs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
inppu
access-control-allow-methods
GET
access-control-allow-origin
https://www.1guy2slugs.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f739e7f5df1362b-FRA
date
Tue, 24 Dec 2024 21:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DV33KIiPu%2FACWAkqVC%2Bba1F2YfD1mSTTMKibgtjsr2syJaq87cbffygutj5Ka0FUXcFge3uQ5aRiCqIKjwt3l2Kqkl5XTs%2FQaU2bL5CW%2Fmq0Syb8Txg0xGbJJ5ns8MoRngn%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=69042&min_rtt=69037&rtt_var=25900&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4208&recv_bytes=4369&delivery_rate=48724&cwnd=12000&unsent_bytes=0&cid=7ab0b844025a3224&ts=98&x=1" cfExtPri cfHdrFlush;dur=0
x-nginx
filtered
26e95e80-c46d-4a2c-b65d-88b78bc43d06.png
static.imghst-de.com/ Frame AC0A
Redirect Chain
  • https://img.bnrtrk.com/trk?s1=QgmRxgdbtwnpndqnSGfpWmMRrEKOqWLskp48lKDmHruXGdS0dKLbuFuTDA1xbtrZAhI1jYvI26Tg%2FmS50AapgASWAejMDsTKeqrcePaFMa0%2FgSthfYlmby91mIGJTFnvhnscntT0gQHISKp%2FtBwwf0LO7e4sRxacX...
  • https://static.imghst-de.com/26e95e80-c46d-4a2c-b65d-88b78bc43d06.png
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.imghst-de.com/26e95e80-c46d-4a2c-b65d-88b78bc43d06.png
Protocol
H2
Server
104.26.2.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8374348b29d396191a375e72b05d8e5ce6526d19f03988f56b5d39719a661d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
HIT
etag
"66ccfb2b-7c2"
age
4832
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ofi5T9JCWNthHxJNrhofGlPVtuFHtjtujQG37VUhOk8NEKVoYYjGp9bVXRoPatMEn0QEZ%2BzT1SKZ44apwZ2Kq7o64avth8q0TGOiD%2FFpgIS5VTdwDv7GNv4Bvohqbg38IoxJES9q"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6942&min_rtt=6893&rtt_var=1134&sent=5&recv=9&lost=0&retrans=0&sent_bytes=3989&recv_bytes=2270&delivery_rate=627383&cwnd=253&unsent_bytes=0&cid=3fe95a177670e1f5&ts=112&x=0"
date
Tue, 24 Dec 2024 21:17:37 GMT
content-type
image/png
last-modified
Mon, 26 Aug 2024 22:01:15 GMT
vary
Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f739e82de11198f-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1986
server
cloudflare

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
location
https://static.imghst-de.com/26e95e80-c46d-4a2c-b65d-88b78bc43d06.png
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuCmi4G4vae8CGZrveq57m03dC8si68QdUqJNRkKZ27N%2F1HGZbrz00bPk8%2FtHVP4L5YMZ2UtIkc29mStkv8jF%2FTKH6nQzCRHG6rAi24KK%2BQkend6rRfhcRxyTWjfPdQuxw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
no-referrer
cf-ray
8f739e818f04bbda-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42712&min_rtt=42672&rtt_var=16030&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4202&recv_bytes=4962&delivery_rate=75164&cwnd=12000&unsent_bytes=0&cid=8dea132838903875&ts=73&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 24 Dec 2024 21:17:36 GMT
server
cloudflare
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
personaserver.com
URL
https://personaserver.com/ad/www/delivery/asyncspc.php?zones=2%7C3%7C4%7C1&prefix=revive-0-&loc=https%3A%2F%2Fwww.1guy2slugs.com%2F

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 2045743__cngfg__d object| 2045743__cngfg__r function| 2045743__cngfg__eu function| hikam object| 2045745__cngfg__d object| 2045745__cngfg__r function| 2045745__cngfg__eu function| fqhiqj function| $ function| jQuery object| 2045743__cngfg object| 2045745__cngfg object| jQuery111101353513657301264 object| classie function| detectmob function| lock function| no_flash function| getURLParameter function| gtag object| dataLayer function| a0_0x3cf5 function| __showPush function| a400 boolean| zfgcodeloadedbanner number| onclHspc object| oncontextstore object| RmVlZEZyZXFDYXBTdG9yYWdl string| UGVyc2lzdFN0b3JhZ2U object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| config number| cs__param function| _cl11s398bjtspi4f36omed function| _clwoslijg5qmcusd0zcl1e object| oncltpc number| puidSyncFrame boolean| zfgloadedbanner object| reviveAsync object| firebase object| elements

30 Cookies

Domain/Path Name / Value
zctyu.nxt-psh.com/ Name: __psu
Value: b08ecea8-344f-4701-bbb2-99d50afec0a8
zctyu.ujscdn.com/ Name: __inppu
Value: 800307ae-7054-438d-82cd-b9714027ab5b
www.1guy2slugs.com/ Name: __inppu
Value: 800307ae-7054-438d-82cd-b9714027ab5b
www.1guy2slugs.com/ Name: UGVyc2lzdFN0b3JhZ2U
Value: %7B%7D
.1guy2slugs.com/ Name: _ga_YXKKZ3ZRF1
Value: GS1.1.1735075053.1.0.1735075053.0.0.0
.1guy2slugs.com/ Name: _ga
Value: GA1.1.2123854600.1735075054
zctyu.ext-jscdn.com/ Name: __psu
Value: 48c56f74-3d8e-4d96-aff2-95a3dd9afc91
shakingtacklingunpeeled.com/ Name: cart
Value: 1
shakingtacklingunpeeled.com/ Name: cart_p
Value: 2
bankingbloatedcaptive.com/ Name: cart
Value: 1
bankingbloatedcaptive.com/ Name: cart_p
Value: 2
shakingtacklingunpeeled.com/ Name: CHCK
Value: 1
shakingtacklingunpeeled.com/ Name: UID
Value: 241224161734ccf39cd0b14028add24ba2fe
bankingbloatedcaptive.com/ Name: CHCK
Value: 1
bankingbloatedcaptive.com/ Name: UID
Value: 2412241617309eedfbe22344478db3c0dc5e
www.1guy2slugs.com/ Name: bnState_2045745
Value: {"impressions":1,"delayStarted":0}
www.1guy2slugs.com/ Name: bnState_2045743
Value: {"impressions":1,"delayStarted":0}
shakingtacklingunpeeled.com/ Name: BCAI
Value: ACmoZwAAAAAAAAAB
shakingtacklingunpeeled.com/ Name: BMI
Value: ADkDbgAAAAAAAAAB
shakingtacklingunpeeled.com/ Name: BCRI
Value: ONx1SAAAAAAAAAAB
bankingbloatedcaptive.com/ Name: BCAI
Value: ADE7dwAAAAAAAAAB
bankingbloatedcaptive.com/ Name: BMI
Value: AEMtfgAAAAAAAAAB
bankingbloatedcaptive.com/ Name: BCRI
Value: hKgdZwAAAAAAAAAB
bankingbloatedcaptive.com/ Name: BCAV
Value: ADE7dwAAAAAAAAAB
bankingbloatedcaptive.com/ Name: BMV
Value: AEMtfgAAAAAAAAAB
bankingbloatedcaptive.com/ Name: BCRV
Value: hKgdZwAAAAAAAAAB
bankingbloatedcaptive.com/ Name: CRICAP
Value: hKgdZwAAAAAAAAAB
bankingbloatedcaptive.com/ Name: CRIBLOCK
Value: hKgdZwAAAABnayDQ
zctyu.ajscdn.com/ Name: __inppu
Value: 800307ae-7054-438d-82cd-b9714027ab5b
www.1guy2slugs.com/ Name: inpp_8JM4_QUG2
Value: 1

12 Console Messages

Source Level URL
Text
rendering warning URL: https://www.1guy2slugs.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0603601943E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.1guy2slugs.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070E001943E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.1guy2slugs.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A080920D943E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.1guy2slugs.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040E001943E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
security warning URL: https://shakingtacklingunpeeled.com/lv/esnk/2045745/code.js(Line 17)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://bankingbloatedcaptive.com/lv/esnk/2045743/code.js(Line 17)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.1guy2slugs.com/
Message:
Access to XMLHttpRequest at 'https://personaserver.com/ad/www/delivery/asyncspc.php?zones=2%7C3%7C4%7C1&prefix=revive-0-&loc=https%3A%2F%2Fwww.1guy2slugs.com%2F' from origin 'https://www.1guy2slugs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://personaserver.com/ad/www/delivery/asyncspc.php?zones=2%7C3%7C4%7C1&prefix=revive-0-&loc=https%3A%2F%2Fwww.1guy2slugs.com%2F
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1guy2slugs.com
bankingbloatedcaptive.com
buttons-config.sharethis.com
cdn.bncloudfl.com
cdnjs.cloudflare.com
coosync.com
count-server.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
img.bnrtrk.com
invalid
l.sharethis.com
maxcdn.bootstrapcdn.com
personaserver.com
platform-api.sharethis.com
platform-cdn.sharethis.com
playhubconnect.com
region1.google-analytics.com
shakingtacklingunpeeled.com
static.imghst-de.com
www.1guy2slugs.com
www.googletagmanager.com
www.gstatic.com
zctyu.ajscdn.com
zctyu.ext-jscdn.com
zctyu.nxt-psh.com
zctyu.ujscdn.com
invalid
personaserver.com
104.17.24.14
104.18.11.207
104.18.14.39
104.21.24.29
104.21.35.62
104.21.9.70
104.26.2.30
142.250.184.200
157.245.14.184
172.217.18.3
172.67.194.119
18.173.154.12
18.173.187.86
18.66.192.120
188.114.96.3
188.114.97.3
212.117.190.217
216.239.34.36
216.58.206.67
216.58.212.138
52.29.92.241
54.230.228.32
94.242.247.24
080a21107085301d48ccd336c3fe34385690916b8b10cd211731abb42bef859d
0dc3d97540a131d5c0ac6ce076638161ba4f4cb087f0a6a1bd99b7f28055fb3e
0f8055fdfa31d93e282bd0a84caa95e7532e61f6448dd53337307bf89ed8e0af
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
17f445f679e332a761edb3d189f958cb42fef3ea6bc772724cb5ea8f24239df4
1b769659a90f6aaa2fb8b37d6019fd5a30762eb755a023c3d1847df2cd014c5a
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28fd1f80f34f593e427985c5f522742836b034a5c0b8aaafb037acdf79f50265
378d3cea57efa39c632402666131c4b3847da8681d89a777e7593ce501a1af76
3cb5496f55b026bfcf4fa21308b923d48d10437996deb45e94f9740c6331b335
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5e7788851443d65c759000e9ae6a20b751ae40ff865c5ebe8af99cb521363b2e
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
60fc7824397bca2515a17ade7c97a4f5122c1b2b6dfa218e133749e3c00a8321
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
638e0a9696a1287622b2881fce4aa2450101d9f7e29cb7811fb4c737a4e7e8e0
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6c5c917781b8de3fb0adeb2164d9835c7af890745ae9691f242496ae80d8b434
6ea22da24d8339bc9b0b43809294be93d862607c573646b067a297497e7fdaab
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
87981e8062814ca279922ee55276ad14bbdc29649f98e34b2d83c3afb5052a51
8f592f1eb4bb0410cc4ec3b044f9d1121da2c9ef7ed0b284bdb22f212961c1cb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
939dde291d2b2c099ebadda6e2ee49c6fe3df9fe5e84ca69b9e7c3529bf97443
94ccb6122d7e80c0460910bda8af5f5acefe86ea1c9616a4e6124728e8f7f5d7
9837fd1dd3b89ca722cfcfb0f9ad9a1f52cf2d142a971465fb0a068350617e8d
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9a61274f554a947bca8d16b24cfe44192691951358dc714224247cc9727101f7
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9c143b0d49c00d71de9414d8461e0c25b400fcff8fa9c7386ecc10d64a69b309
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
a544b7c58fc06025c7b2b01efe063d4696c156e151b69adbd474fd3ac494f65c
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
ac70158e8b3c49236ad10a9eed64c6f00c96f2421fafd062c300e4aca17c9724
aeba9a76702847da92d2712f1f3443f841b62f7cef71dc34ca57d5c4b30e2f27
af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047
b6b5c046ce4835b4ac07d28739436bcc80b7afd8fb93c7838a8ea7b34d0f02e4
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
bd1f0fd1205e9deba25688059c881026efb2c72bba5d20a5c45e65ca0811ceea
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c44ecd29e64831e87b0e5e0c6ece9da64d647e7578974e1f0555fb771fe2a3de
c4ea9310d72e37fe799d48ae3fc43dcb53e3db7c4ae13763d4c5b893f6ceb64b
c8374348b29d396191a375e72b05d8e5ce6526d19f03988f56b5d39719a661d8
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eef083f7b7f88a2efb53c1a75ed1f9991649525791aedaafff1b4fe290b0421f
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1