www.bing.com Open in urlscan Pro
23.44.201.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.service.sexyclicks.com/
Effective URL:
https://www.bing.com/news
Submission: On December 12 via automatic, source certstream-suspicious (December 12th 2024, 4:21:52 am UTC) — Scanned from US

Summary HTTP 111 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 9 domains to perform 111 HTTP transactions. The main IP is 23.44.201.20, located in and belongs to . The main domain is www.bing.com.
TLS certificate: Issued by Microsoft Azure ECC TLS Issuing CA 04 on June 24th 2024. Valid for: a year.

This is the only time www.bing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	75.2.18.233 75.2.18.233	16509 (AMAZON-02) (AMAZON-02)
1	13.33.251.117 13.33.251.117	16509 (AMAZON-02) (AMAZON-02)
1 2	3.231.99.165 3.231.99.165	14618 (AMAZON-AES) (AMAZON-AES)
1 1	147.182.253.216 147.182.253.216	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	172.67.186.42 172.67.186.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	172.67.190.135 172.67.190.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE)
23	23.44.201.20 23.44.201.20	() ()
5	23.44.201.31 23.44.201.31	() ()
111	8

4 75.2.18.233 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac1a2ad24832d38a2.awsglobalaccelerator.com

www.service.sexyclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.251.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-251-117.jfk50.r.cloudfront.net

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.231.99.165 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-99-165.compute-1.amazonaws.com

longi-cba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.182.253.216 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

main.proffering.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.186.42 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qwfuu.altaircastor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 172.67.190.135 (United States)

ASN13335 (CLOUDFLARENET, US)

qwfuu.topads-site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pa.topads-site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 23.44.201.20 (None, )

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.44.201.31 (None, )

ASN- ()

r.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	topads-site.com qwfuu.topads-site.com pa.topads-site.com	807 KB
28	bing.com www.bing.com r.bing.com	302 KB
4	gstatic.com www.gstatic.com	19 KB
4	sexyclicks.com www.service.sexyclicks.com	2 KB
2	longi-cba.com 1 redirects longi-cba.com	4 KB
1	altaircastor.com 1 redirects qwfuu.altaircastor.com	1 KB
1	proffering.xyz 1 redirects main.proffering.xyz	713 B
1	cloudfront.net d38psrni17bvxu.cloudfront.net	1 KB
0	msn.com Failed ads.msn.com Failed
111	9

	Domain	Requested by
47	qwfuu.topads-site.com	longi-cba.com qwfuu.topads-site.com
20	pa.topads-site.com	qwfuu.topads-site.com pa.topads-site.com
19	www.bing.com	pa.topads-site.com www.bing.com
9	r.bing.com	www.bing.com
4	www.gstatic.com	qwfuu.topads-site.com
4	www.service.sexyclicks.com	d38psrni17bvxu.cloudfront.net www.service.sexyclicks.com
2	longi-cba.com	1 redirects www.service.sexyclicks.com
1	qwfuu.altaircastor.com	1 redirects
1	main.proffering.xyz	1 redirects
1	d38psrni17bvxu.cloudfront.net	www.service.sexyclicks.com
0	ads.msn.com Failed	www.bing.com
111	11

This site contains no links.

Subject Issuer	Validity	Valid
www.service.sexyclicks.com R10	`2024-12-12` - `2025-03-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
longi-cba.com Amazon RSA 2048 M03	`2024-11-26` - `2025-12-25`	a year	crt.sh
topads-site.com WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 04	`2024-06-24` - `2025-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bing.com/news
Frame ID: 89DEC54535F25B90571D916788C80991
Requests: 137 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.service.sexyclicks.com/ Page URL
https://longi-cba.com/zclkvisitor/97e41664-b840-11ef-89e3-0afff75116cd/1304ac30-8585-11eb-af9e-0a5... Page URL
https://longi-cba.com/zclkredirect?visitid=97e41664-b840-11ef-89e3-0afff75116cd&type=js&browserWid... HTTP 302
https://main.proffering.xyz/15GUIL?zoneid=vitellary-fish&campaignid=2471437&target=yankee-gun-v0550m5949... HTTP 302
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=f1a0de4ffda52f... HTTP 302
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f16145430... Page URL
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f16145430... Page URL
https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f16145430... Page URL
https://www.bing.com/news Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Page Statistics

111
Requests

95 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

8
IPs

1
Countries

1136 kB
Transfer

2281 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.service.sexyclicks.com/ Page URL
https://longi-cba.com/zclkvisitor/97e41664-b840-11ef-89e3-0afff75116cd/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=201c7200-9877-11ef-a47d-12832fc4c381 Page URL
https://longi-cba.com/zclkredirect?visitid=97e41664-b840-11ef-89e3-0afff75116cd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://main.proffering.xyz/15GUIL?zoneid=vitellary-fish&campaignid=2471437&target=yankee-gun-v0550m5949&cost=0.001300&external_id=ADULT HTTP 302
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212 HTTP 302
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606 Page URL
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606 Page URL
https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606 Page URL
https://www.bing.com/news Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://longi-cba.com/zclkredirect?visitid=97e41664-b840-11ef-89e3-0afff75116cd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://main.proffering.xyz/15GUIL?zoneid=vitellary-fish&campaignid=2471437&target=yankee-gun-v0550m5949&cost=0.001300&external_id=ADULT HTTP 302
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212 HTTP 302
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

111 HTTP transactions
27 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.service.sexyclicks.com/ 2 KB
2 KB 626ms
362ms Document
text/html 75.2.18.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.service.sexyclicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac1a2ad24832d38a2.awsglobalaccelerator.com
Software: Caddy nginx /
Resource Hash: 2136eb8d16f6998845c22535c39ecac94988841782a6fae6175e81f4e8af3cee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":50545"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 12 Dec 2024 04:21:43 GMT
server: Caddy nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_MpvHQU5wxJrJZhsYUouau2ti9mFxIA4rlu6OyRV0gUk0HzwgpO/0h8rYlT8STq9GedF8BCHfrrzdtobwELDPmw==
x-domain: sexyclicks.com
x-pcrew-blocked-reason
x-pcrew-ip-organization: Verizon Internet Services
x-redirect: zeropark_zeroclick
x-subdomain: www.service

GET
H2 200 js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
1 KB 413ms
32ms Script
application/javascript 13.33.251.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: www.service.sexyclicks.com
URL: https://www.service.sexyclicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.251.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-251-117.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.service.sexyclicks.com/

Response headers

etag: "65fc1e7b-448"
age: 36640
via: 1.1 a5aff17032e65d74ef5c955d5493c06e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1096
x-amz-cf-id: FKGBQr5pIMZC78ZJblNPKxAxNK0QoGZ1YfdB0HkqmM7YNVNI1bocrA==
date: Wed, 11 Dec 2024 18:11:04 GMT
content-type: application/javascript
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
server: nginx
x-amz-cf-pop: JFK50-P10

GET
H2 200 track.php Show response
www.service.sexyclicks.com/ 0
115 B 162ms
162ms XHR
text/html 75.2.18.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.service.sexyclicks.com/track.php?domain=sexyclicks.com&toggle=browserjs&uid=MTczMzk3NzMwMy43MDg4OjVkMDhlODViNmNmMGRiNGFjYzVhOTQwMzQ4MjRlZmMxMDFlYjgxMmZjYjYwMWYwMGQzZDk5ZGEyMmNhMjI2MGY6Njc1YTY0ZDdhZDBjNw%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac1a2ad24832d38a2.awsglobalaccelerator.com
Software: Caddy, nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width: 1600
ect: 4g
Referer: https://www.service.sexyclicks.com/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt: 100
downlink: 10

Response headers

content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: browserjs
access-control-allow-origin: *
alt-svc: h3=":50545"; ma=2592000
date: Thu, 12 Dec 2024 04:21:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 201 ls.php
www.service.sexyclicks.com/ 16 B
339 B 156ms
156ms XHR
text/javascript 75.2.18.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.service.sexyclicks.com/ls.php?t=675a64d7&token=e4fb459b8cb2bb5595d4f1e789aba41f6d0b057f
Requested by: Host: www.service.sexyclicks.com
URL: https://www.service.sexyclicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac1a2ad24832d38a2.awsglobalaccelerator.com
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://www.service.sexyclicks.com/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt: 100
downlink: 10

Response headers

access-control-max-age: 86400
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods: POST, OPTIONS
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Z5nscRxNMGTPwU5mz210rjpxBunNGQhV8b0ijIw8I/+MQr2WFhMhwE7VtvjQULotMur5863rnMG5BoAqgCCung==
accept-ch-lifetime: 30
access-control-allow-origin
alt-svc: h3=":50545"; ma=2592000
date: Thu, 12 Dec 2024 04:21:44 GMT
charset: utf-8
content-type: text/javascript;charset=UTF-8
server: Caddy, nginx

GET
H2 200 track.php
www.service.sexyclicks.com/ 0
91 B 196ms
196ms XHR
text/html 75.2.18.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.service.sexyclicks.com/track.php?click=4531ee5ee79c6f01edb6d28cc2dba0036227c382&domain=sexyclicks.com&uid=MTczMzk3NzMwMy43MDg4OjVkMDhlODViNmNmMGRiNGFjYzVhOTQwMzQ4MjRlZmMxMDFlYjgxMmZjYjYwMWYwMGQzZDk5ZGEyMmNhMjI2MGY6Njc1YTY0ZDdhZDBjNw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA4OSxidWNrZXQwNzd8fHx8fHw2NzVhNjRkN2FkMDU2fHx8MTczMzk3NzMwMy44OTY3fGFiNjZlZjNjODk4NDZmNTBlMTQyZDkwMzYyNGUwMGMyOTNlZDZiMjJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxlNGZiNDU5YjhjYjJiYjU1OTVkNGYxZTc4OWFiYTQxZjZkMGIwNTdmfDB8fDB8MHx8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac1a2ad24832d38a2.awsglobalaccelerator.com
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://www.service.sexyclicks.com/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt: 100
downlink: 10

Response headers

x-view-match: true
content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: none
access-control-allow-origin: *
alt-svc: h3=":50545"; ma=2592000
date: Thu, 12 Dec 2024 04:21:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 200 1304ac30-8585-11eb-af9e-0a51339b19df Show response
longi-cba.com/zclkvisitor/97e41664-b840-11ef-89e3-0afff75116cd/ 3 KB
3 KB 290ms
49ms Document
text/html 3.231.99.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://longi-cba.com/zclkvisitor/97e41664-b840-11ef-89e3-0afff75116cd/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=201c7200-9877-11ef-a47d-12832fc4c381

Requested by

Host: www.service.sexyclicks.com
URL: https://www.service.sexyclicks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.99.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-99-165.compute-1.amazonaws.com

Software

Resource Hash

30e5565eaab1c6a67ec00664541e8c7fbaab307ceb3022a3e00d1ed0a376d46f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://www.service.sexyclicks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Thu, 12 Dec 2024 04:21:45 GMT

GET
H3

200

/ Show response
qwfuu.topads-site.com/fdze4mod1i/
Redirect Chain

https://longi-cba.com/zclkredirect?visitid=97e41664-b840-11ef-89e3-0afff75116cd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://main.proffering.xyz/15GUIL?zoneid=vitellary-fish&campaignid=2471437&target=yankee-gun-v0550m5949&cost=0.001300&external_id=ADULT
https://qwfuu.altaircastor.com/?pl=W7-lkuObDEWXzHM4LgqUhA&tbd=864000&sub_id=parkdom&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212
https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=...

60 KB
17 KB

346ms
256ms

Document
text/html

172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Requested by: Host: longi-cba.com
URL: https://longi-cba.com/zclkvisitor/97e41664-b840-11ef-89e3-0afff75116cd/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=201c7200-9877-11ef-a47d-12832fc4c381
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e

Request headers

Referer: https://longi-cba.com/zclkvisitor/97e41664-b840-11ef-89e3-0afff75116cd/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=201c7200-9877-11ef-a47d-12832fc4c381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0aedf56b22c461-EWR
content-encoding: zstd
content-type: text/html
date: Thu, 12 Dec 2024 04:21:46 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Omy8fXoIgDrtS0s%2FUkihAFiQxcUde1z4z2YuKEFk5%2BryHgPECc7xtZ%2FEj7EHyrqqLoU2jfyryMUc3VSqpTvuC2mf7rZbNoaDVgAqMITy6Vu25XRkFVl5dQhn%2FKJ60vGPjAfnwDKou7g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22022&min_rtt=21600&rtt_var=4141&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4307&recv_bytes=4654&delivery_rate=572&cwnd=12000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=267&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f0aedf37fe95e80-EWR
content-length: 0
date: Thu, 12 Dec 2024 04:21:46 GMT
location: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2F3tiajjnya8TTZVRMm6CaR6R7cwzRi%2BsEgGDSdm1yq7hJpi1Ake622Aauyrp0NMqDtlylVRV7UecUnp0A6wuideTwTdvoFmLqE8ZJ%2FGMtxCi3pCVyZaCJ5ZWib5PzAaQKmm31FnAbCp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=27476&min_rtt=24253&rtt_var=10120&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4308&recv_bytes=4626&delivery_rate=578&cwnd=12000&unsent_bytes=0&cid=d1fa241d0508a583&ts=332&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 200 main.js Show response
qwfuu.topads-site.com/fdze4mod1i/assets/ 7 KB
4 KB 38ms
37ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/main.js
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1d62"
age: 3138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kLd0IRG9E0G7tE56sOzS3b4%2BXtfmQarct2yRfJE4D8Su56%2FYNmva6JBX8hi8z4VF3IxaELKxoX%2FTNKSJrRg7we7mHS8tm6nCNIhjGZo8MvbIt5w7XlRCXeBKUevofCYizMaOaL4ejg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23796&min_rtt=21600&rtt_var=2444&sent=35&recv=21&lost=0&retrans=0&sent_bytes=26454&recv_bytes=6455&delivery_rate=498021&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=405&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf79d8cc461-EWR
server: cloudflare

GET
H3 200 style.css
qwfuu.topads-site.com/fdze4mod1i/assets/ 22 KB
4 KB 37ms
36ms Stylesheet
text/css 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/style.css
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6747379a-58e5"
age: 3138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZV1%2FjSUqCt6UgU%2FXIdXB7MZ1N1rh%2Ff%2FFvBEvKiDaUp2ivGzkZ3gqYOZy95ajwgKXUGjwqq2tmVNDP8kqprugRo7lJCq5fY7FfGpQnC1X4Q9vX%2FPdew31dkJpn7quyAi2aZbdydjuyE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23796&min_rtt=21600&rtt_var=2444&sent=31&recv=21&lost=0&retrans=0&sent_bytes=22035&recv_bytes=6455&delivery_rate=498021&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=402&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf79d8fc461-EWR
server: cloudflare

GET
H3 200 thumb-big.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 81 KB
81 KB 39ms
39ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/thumb-big.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-142bf"
age: 3138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=240nIiGdHaChi0Bx2Az72cab4dFpg%2BP8aY%2BaMCMvZqQzpulSpUk5tsfQCSDA0ZDKtHg6tpVdO3N3UH4Y7THspb3PMRMVDzPYsaOxgyWr1e7IMzh04XXWcJpb9Vox%2FVqy9naswKM0yBA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23796&min_rtt=21600&rtt_var=2444&sent=39&recv=21&lost=0&retrans=0&sent_bytes=30320&recv_bytes=6455&delivery_rate=498021&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=407&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf79d90c461-EWR
accept-ranges: bytes
content-length: 82623
server: cloudflare

GET
H3 200 terms.js Show response
qwfuu.topads-site.com/shared-js/assets/ 15 KB
6 KB 38ms
38ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/terms.js?v=3
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"67475928-3c54"
age: 3142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJL8%2FxcjphQarGePYjyIEi9mgsTu3rYHS0dOzg0vnDwoHPB2%2F%2BkQPWXwYZUnmsHLHD6YlnNGPvESkjH9S5CuPAeTfJsnSzxPLyfNE7tXVYP6r4vToZzTkiIOSXeNi%2FoPUho7wgMfDss%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23797&min_rtt=21600&rtt_var=1834&sent=45&recv=22&lost=0&retrans=0&sent_bytes=36435&recv_bytes=6924&delivery_rate=409777&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=426&x=1", cfExtPri, cfHdrFlush;dur=2
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 17:38:48 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf7bde5c461-EWR
server: cloudflare

GET
H3 200 static-pl.js Show response
qwfuu.topads-site.com/shared-js/assets/ 5 KB
3 KB 55ms
55ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1261"
age: 3114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxVa2DMoqmg5ZQJkj4Fdv44XUea8R8M4LELB5VYtJUnwMfWUiHUC7qZqH4GDVTRvy8uMP7VHDacuVhkVEi9dTbyG4TDdk17tGMtpEsmNhIlyMr4KSS2IKRLGdSgceBfeXpIuzdkaJtI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26688&min_rtt=21600&rtt_var=2396&sent=70&recv=29&lost=0&retrans=0&sent_bytes=64447&recv_bytes=7654&delivery_rate=387802&cwnd=28800&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=444&x=1", cfExtPri, cfHdrFlush;dur=8
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf7ee0fc461-EWR
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 /
qwfuu.topads-site.com/fdze4mod1i/ 60 KB
60 KB 0ms
0ms Image
text/html 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Omy8fXoIgDrtS0s%2FUkihAFiQxcUde1z4z2YuKEFk5%2BryHgPECc7xtZ%2FEj7EHyrqqLoU2jfyryMUc3VSqpTvuC2mf7rZbNoaDVgAqMITy6Vu25XRkFVl5dQhn%2FKJ60vGPjAfnwDKou7g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aedf56b22c461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22022&min_rtt=21600&rtt_var=4141&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4307&recv_bytes=4654&delivery_rate=572&cwnd=12000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=267&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: text/html
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
server: cloudflare
priority: u=0,i

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 ps.js Show response
qwfuu.topads-site.com/ps/ 36 KB
15 KB 401ms
401ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9499f211ffcce50cc6924ed4b36e6d53a7bcbfce19172b5b5918d9f616adc7b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A25F7zseTqMvPjDOBgTtfOeNw44yWwd4WNYVydaTp4w9H3tDqjONnyBTysU0JdQqUIGbFtFdZsG8iazK%2F%2F%2BI%2BGYo94%2Fnsah%2Fm41q6Y7NbBGsAChYwCXca8UnK9%2BkAPXnwxZ65x%2B%2F0Dg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aedf84e80c461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38034&min_rtt=21600&rtt_var=7399&sent=125&recv=63&lost=0&retrans=0&sent_bytes=124154&recv_bytes=9712&delivery_rate=1542133&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=875&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 config.js Show response
qwfuu.topads-site.com/ps/ 364 B
993 B 159ms
158ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GtWQST1AacFMD4Vu%2Bnqi8bYqeAFxUUH%2BTRHSwh9fZdxmi%2F6Dd%2BczTeq%2F3g2aVaglJCS5Rq8mkVU%2BHqgzukMK59xC7hkhqPsi2pV6T4nZQ%2FeLKMC9K0RD%2FlKRPqvf%2BdBvaCI14Kdqmr0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aedfad9d5c461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40046&min_rtt=21600&rtt_var=6538&sent=281&recv=86&lost=0&retrans=0&sent_bytes=294218&recv_bytes=17619&delivery_rate=721444&cwnd=83100&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=1031&x=1", cfExtPri, cfHdrFlush;dur=1
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 rec-1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 50ms
49ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-1.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N31QE5fDNifgMnzX0fOJkPLfd1AX9u%2FMLWCK5b22Wxfq7pM918fLU2BV5WnJV1BYaALDyzIu%2FrNDaOPiToxVAlkqMUFgXFhKKAJ4e4wYSTfrfuqK4ddMg66ACdUYDHfoY3NjivcAg9I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=141&recv=79&lost=0&retrans=0&sent_bytes=140227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a27c461-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 rec-2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
11 KB 51ms
48ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-2.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2a8a"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZqb3uSi5hMfszcvcDd3wat3pa7f5k4xJHT9DtzSEsHQWXmqyEwnGzLOilB0%2FzZfsrh5BP%2Bam7zofq40o3sXyfx%2FQ%2BY6xfx7LNqadttneMemOJtTYrpixvLJ1eBbiGSqrtpbia0In1s%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=141&recv=79&lost=0&retrans=0&sent_bytes=140227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a2fc461-EWR
accept-ranges: bytes
content-length: 10890
server: cloudflare

GET
H3 200 rec-3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 15 KB
16 KB 51ms
48ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-3.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3b71"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKIUxQTnpo5ekMru7tfjBeaRaWrETFxMSFvmDUxr7gekvGOKPp4Q%2FU7SeExvopZ2g2%2Fmv3EPg4Ie%2BfzE%2F%2BoWV8c6dIiN3gI7O5OHGKTvWGV0XphWmbasV8lf%2FlS79jUjnUmXq5FknF8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=141&recv=79&lost=0&retrans=0&sent_bytes=140227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a34c461-EWR
accept-ranges: bytes
content-length: 15217
server: cloudflare

GET
H3 200 rec-4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 9 KB
9 KB 89ms
86ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-4.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-22c4"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TkLGZ3FBp%2FPtCXawUXmjzXZZO%2FSvViAVAxasJTXEHiUzngbAB6%2Bnd7Uy6bxVGVKRU5mrXAkUNZMl3xgQckjVmIHeioFQnXkGQT99qK0J5zttDNl%2FvCwlfwleiOFS59f6ry4Cbu%2Fp5GE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=958&x=1", cfExtPri, cfHdrFlush;dur=34
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a37c461-EWR
accept-ranges: bytes
content-length: 8900
server: cloudflare

GET
H3 200 rec-5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 60ms
58ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-5.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-335d"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3n%2B0nKtBa8QwdijmGSiy%2BIOh1cyr%2FLMoUuMVgQAM1cf13p3bK6R7DhPvdqwHTkvKfEvwckVLnWjvD3fJan6K5hOb8R323hWny0rfMU0OPgNDP%2Bq7BtJb0poldk8Fr%2FDelT1ChHiBFPo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=178&recv=79&lost=0&retrans=0&sent_bytes=183674&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=957&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a38c461-EWR
accept-ranges: bytes
content-length: 13149
server: cloudflare

GET
H3 200 rec-6.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 16 KB
16 KB 89ms
86ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-6.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3e74"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoo0dPy5ctrtfNijM4vKbBnCOBYoSCjga%2B%2F4XYjHgadyCouKjR12Bq%2B1xpDVoshtoTxnZEx1HIswNzjqlA7oJRGP%2FGgYxO4cJEvH4SBox6EViknegCwJNEs6ZEnvUezzw6DHsp0dA50%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=28
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a3ec461-EWR
accept-ranges: bytes
content-length: 15988
server: cloudflare

GET
H3 200 rec-7.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
14 KB 63ms
60ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-7.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-368b"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zU6ZtHKnC44GGpvXfCgXEw8OIEBjFZvotZvRhL6X9xD65UaJJojlBa%2FBvvotK%2FvmXuPSdhxDBTyLU%2BFm6XHb3UBN8UuiDQP0gwrGII7aS5AOq7zxY%2BhewKwxtjuWmPrSK38%2FffpbvZI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=190&recv=79&lost=0&retrans=0&sent_bytes=197795&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=958&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a43c461-EWR
accept-ranges: bytes
content-length: 13963
server: cloudflare

GET
H3 200 rec-8.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
13 KB 92ms
89ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-8.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-32c0"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpCltUdRsYHKwEHgaCFcke0eRUFZ4oh8IZRmeOdzaUQmHu1pPVmjhF6P5nHYsNWZ0zM%2B7vYrVHxZvAWcsRR4MutO65uVBQwl26umIaBP2wruSWgOTqrY1ecb2UUTgn38gy6z7vZ4ZG8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=32
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a45c461-EWR
accept-ranges: bytes
content-length: 12992
server: cloudflare

GET
H3 200 1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 92ms
90ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/1.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ksaajeu4sUn9yt9BOuM8oqcphpBmOMz%2FuObh7r%2FalgcOZs5gveiCbXFpbyoQbHDYEL6tAp3XSy5xpH0oDF99%2FES%2BZsdvCErkPIC6jeldGkiI%2F1VPDbpiZpNPjy2kub%2BPp98awfZMbqw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=32
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a48c461-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 21 KB
21 KB 95ms
92ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/2.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-5305"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zZieB5YY7aCdgAujv%2FRGLlUqt%2Ba4eQxP9I2hRL9a9jhRseu7gaRM%2FlajG1BhpKV990gNzBDrsnYk%2ByaHQJnGvmeMnq48tO3Z%2FuUxTMw5xDGZxnKSlOIsAmyTlDFsWQkN2p193tq34o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=965&x=1", cfExtPri, cfHdrFlush;dur=33
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a4ac461-EWR
accept-ranges: bytes
content-length: 21253
server: cloudflare

GET
H3 200 3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
12 KB 98ms
95ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/3.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2b56"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8Hl07QNI2JYSzW4yCT1hf5mV9WaSHF4zshFCKmx%2BheTQ833Dp7kQSQFzB2amZhy%2Fo6ZIsM2N8u2xp0qBfKwPlvs4knGRhzr%2F%2FaoG8lgszC1x3MTKWaKkKAN1VnQ4DnVuPtOfMVijI0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=36
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a4cc461-EWR
accept-ranges: bytes
content-length: 11094
server: cloudflare

GET
H3 200 4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 98ms
96ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/4.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-352b"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MHxTSwvlvk6wpI8IjTKOBKKpnAtOmYlYAmJOlZaIICxjM8%2B6gNnGL%2FtHOBu81I01wrEci8VvmOf3nKNMtD32DfUPROoJqA1qEu%2F1gbzWtHr3N8G8MaM1UK5XKfmhZQg%2Bol8sJ4wlH5I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=966&x=1", cfExtPri, cfHdrFlush;dur=34
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a51c461-EWR
accept-ranges: bytes
content-length: 13611
server: cloudflare

GET
H3 200 5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
12 KB 100ms
98ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/5.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2dc1"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUH1nUEmrf83MeChPSdbvSBXo3VOQkfTLDXfY64YuZ4%2Bk9WXYq%2BOy3nGTk9epwmLZ0t%2FLc0Rf1O9j78x9c7fHZi9ETyfVUwXmBJk2UW0Xv3dSJ%2BbNxYmALuMOPJvfjjvE7M%2FoTVX0iM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=974&x=1", cfExtPri, cfHdrFlush;dur=29
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a54c461-EWR
accept-ranges: bytes
content-length: 11713
server: cloudflare

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 28 KB
10 KB 427ms
22ms Script
text/javascript 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

Requested by

Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 487817
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 12:51:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 12:51:30 GMT
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9308
x-xss-protection: 0
server: sffe

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 37 KB
10 KB 29ms
28ms Script
text/javascript 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 553968
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 18:28:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 18:28:59 GMT
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9934
x-xss-protection: 0
server: sffe

GET
H3 204 favicon.ico
qwfuu.topads-site.com/ 0
640 B 34ms
33ms Other
text/plain 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 3107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdPFK%2FxC7BPabJA1lU4bJ1Ilrd890NecNjtSR01SXFezy%2BUV%2FfduEZ%2BkF5P3gy1M4QoB33Q7X7ZqfKAWF15W%2BYfTzrqbhQ9PFl0UMhjUm%2BShUQCnmmAKxuwLqKaQfm9YKtYi5jsVzPQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aedfecedbc461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38804&min_rtt=21600&rtt_var=3699&sent=318&recv=100&lost=0&retrans=0&sent_bytes=332050&recv_bytes=19244&delivery_rate=2264879&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=1549&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 204 favicon.ico
qwfuu.topads-site.com/ 0
0 0ms
0ms Other
text/plain 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 3107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdPFK%2FxC7BPabJA1lU4bJ1Ilrd890NecNjtSR01SXFezy%2BUV%2FfduEZ%2BkF5P3gy1M4QoB33Q7X7ZqfKAWF15W%2BYfTzrqbhQ9PFl0UMhjUm%2BShUQCnmmAKxuwLqKaQfm9YKtYi5jsVzPQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aedfecedbc461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38804&min_rtt=21600&rtt_var=3699&sent=318&recv=100&lost=0&retrans=0&sent_bytes=332050&recv_bytes=19244&delivery_rate=2264879&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=1549&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 / Show response
qwfuu.topads-site.com/fdze4mod1i/ 60 KB
647 B 144ms
144ms Document
text/html 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e

Request headers

Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0aee09cc72c461-EWR
content-encoding: zstd
content-type: text/html
date: Thu, 12 Dec 2024 04:21:49 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Oh6GI%2FKG%2FnqAXoYIbznlB3OKr9vwYkUFjaIysgIOZx%2BRmGWBbL5zhbF7w3JC54vCRaviSgE8Fv2%2B5zUklBbQIIFbFRChdFXUtVgNxtXjUxfQBAYOJda6CHXa%2FrnzgEtptwZLMbwRX0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=36863&min_rtt=21600&rtt_var=6654&sent=322&recv=102&lost=0&retrans=0&sent_bytes=334468&recv_bytes=20058&delivery_rate=69304&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=3406&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 200 main.js Show response
qwfuu.topads-site.com/fdze4mod1i/assets/ 7 KB
0 1ms
1ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/main.js
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1d62"
age: 3138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kLd0IRG9E0G7tE56sOzS3b4%2BXtfmQarct2yRfJE4D8Su56%2FYNmva6JBX8hi8z4VF3IxaELKxoX%2FTNKSJrRg7we7mHS8tm6nCNIhjGZo8MvbIt5w7XlRCXeBKUevofCYizMaOaL4ejg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23796&min_rtt=21600&rtt_var=2444&sent=35&recv=21&lost=0&retrans=0&sent_bytes=26454&recv_bytes=6455&delivery_rate=498021&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=405&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf79d8cc461-EWR
server: cloudflare

GET
H3 200 style.css
qwfuu.topads-site.com/fdze4mod1i/assets/ 22 KB
0 1ms
1ms Stylesheet
text/css 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/style.css
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6747379a-58e5"
age: 3138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZV1%2FjSUqCt6UgU%2FXIdXB7MZ1N1rh%2Ff%2FFvBEvKiDaUp2ivGzkZ3gqYOZy95ajwgKXUGjwqq2tmVNDP8kqprugRo7lJCq5fY7FfGpQnC1X4Q9vX%2FPdew31dkJpn7quyAi2aZbdydjuyE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23796&min_rtt=21600&rtt_var=2444&sent=31&recv=21&lost=0&retrans=0&sent_bytes=22035&recv_bytes=6455&delivery_rate=498021&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=402&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf79d8fc461-EWR
server: cloudflare

GET
H3 200 thumb-big.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 81 KB
0 2ms
2ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/thumb-big.jpg
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-142bf"
age: 3138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=240nIiGdHaChi0Bx2Az72cab4dFpg%2BP8aY%2BaMCMvZqQzpulSpUk5tsfQCSDA0ZDKtHg6tpVdO3N3UH4Y7THspb3PMRMVDzPYsaOxgyWr1e7IMzh04XXWcJpb9Vox%2FVqy9naswKM0yBA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23796&min_rtt=21600&rtt_var=2444&sent=39&recv=21&lost=0&retrans=0&sent_bytes=30320&recv_bytes=6455&delivery_rate=498021&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=407&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf79d90c461-EWR
accept-ranges: bytes
content-length: 82623
server: cloudflare

GET
H3 200 terms.js Show response
qwfuu.topads-site.com/shared-js/assets/ 15 KB
0 2ms
2ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/terms.js?v=3
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"67475928-3c54"
age: 3142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJL8%2FxcjphQarGePYjyIEi9mgsTu3rYHS0dOzg0vnDwoHPB2%2F%2BkQPWXwYZUnmsHLHD6YlnNGPvESkjH9S5CuPAeTfJsnSzxPLyfNE7tXVYP6r4vToZzTkiIOSXeNi%2FoPUho7wgMfDss%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23797&min_rtt=21600&rtt_var=1834&sent=45&recv=22&lost=0&retrans=0&sent_bytes=36435&recv_bytes=6924&delivery_rate=409777&cwnd=14400&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=426&x=1", cfExtPri, cfHdrFlush;dur=2
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 17:38:48 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf7bde5c461-EWR
server: cloudflare

GET
H3 200 static-pl.js Show response
qwfuu.topads-site.com/shared-js/assets/ 5 KB
0 0ms
0ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1261"
age: 3114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxVa2DMoqmg5ZQJkj4Fdv44XUea8R8M4LELB5VYtJUnwMfWUiHUC7qZqH4GDVTRvy8uMP7VHDacuVhkVEi9dTbyG4TDdk17tGMtpEsmNhIlyMr4KSS2IKRLGdSgceBfeXpIuzdkaJtI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26688&min_rtt=21600&rtt_var=2396&sent=70&recv=29&lost=0&retrans=0&sent_bytes=64447&recv_bytes=7654&delivery_rate=387802&cwnd=28800&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=444&x=1", cfExtPri, cfHdrFlush;dur=8
date: Thu, 12 Dec 2024 04:21:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedf7ee0fc461-EWR
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 /
qwfuu.topads-site.com/fdze4mod1i/ 60 KB
60 KB 0ms
0ms Image
text/html 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Oh6GI%2FKG%2FnqAXoYIbznlB3OKr9vwYkUFjaIysgIOZx%2BRmGWBbL5zhbF7w3JC54vCRaviSgE8Fv2%2B5zUklBbQIIFbFRChdFXUtVgNxtXjUxfQBAYOJda6CHXa%2FrnzgEtptwZLMbwRX0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aee09cc72c461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36863&min_rtt=21600&rtt_var=6654&sent=322&recv=102&lost=0&retrans=0&sent_bytes=334468&recv_bytes=20058&delivery_rate=69304&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=3406&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:49 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
content-type: text/html
server: cloudflare
priority: u=0,i

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 ps.js Show response
qwfuu.topads-site.com/ps/ 36 KB
15 KB 255ms
254ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/shared-js/assets/static-pl.js?v=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f4e1af6dae5a9aa102b26ff4a5fe946b07557758028371710ef8e811459d58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjLO9Lay37MvLa6YI0uipOC7MOZvuEJ1JzX5y3jGLPeYA6MtTzXl53Qz%2BVvAfDVvVS1KCNoLfVFmy2M3HUidXKkyyUgwiO6oJYiPP6swWYTO5FsCXomlasXZmACAYl%2FyrQlimJ%2BJV%2FA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aee0aee2ac461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35652&min_rtt=21600&rtt_var=7413&sent=324&recv=104&lost=0&retrans=0&sent_bytes=335164&recv_bytes=20749&delivery_rate=4884&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=3706&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 config.js Show response
qwfuu.topads-site.com/ps/ 364 B
983 B 146ms
146ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOkwI1oKyn0n5Z9HUjcz9ganA0PlPpiY6Ul586UY7oTOWqlYE27XfpAc8lEQjhHWdAa7u6VYYzEWKanff%2FSDQci7DK%2Bea0J5Hz4%2FQmCca77NfZNzCasemNUzH62ii98folqsJ%2FDJy6o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aee0c88efc461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33333&min_rtt=21600&rtt_var=8140&sent=339&recv=107&lost=0&retrans=0&sent_bytes=351136&recv_bytes=21319&delivery_rate=62823&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=3861&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 28 KB
0 0ms
0ms Script
text/javascript 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 487817
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 12:51:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 12:51:30 GMT
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9308
x-xss-protection: 0
server: sffe

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 37 KB
0 0ms
0ms Script
text/javascript 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/

Response headers

content-encoding: gzip
age: 553968
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 18:28:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 18:28:59 GMT
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9934
x-xss-protection: 0
server: sffe

GET
H3 204 favicon.ico
qwfuu.topads-site.com/ 0
0 0ms
0ms Other
text/plain 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwfuu.topads-site.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 3107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdPFK%2FxC7BPabJA1lU4bJ1Ilrd890NecNjtSR01SXFezy%2BUV%2FfduEZ%2BkF5P3gy1M4QoB33Q7X7ZqfKAWF15W%2BYfTzrqbhQ9PFl0UMhjUm%2BShUQCnmmAKxuwLqKaQfm9YKtYi5jsVzPQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aedfecedbc461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38804&min_rtt=21600&rtt_var=3699&sent=318&recv=100&lost=0&retrans=0&sent_bytes=332050&recv_bytes=19244&delivery_rate=2264879&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=1549&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 / Show response
pa.topads-site.com/fdze4mod1i/ 60 KB
17 KB 252ms
239ms Document
text/html 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Requested by: Host: qwfuu.topads-site.com
URL: https://qwfuu.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fqwfuu.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e

Request headers

Referer: https://qwfuu.topads-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0aee0dbabbc461-EWR
content-encoding: zstd
content-type: text/html
date: Thu, 12 Dec 2024 04:21:50 GMT
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVXw1VDF1QSubZTt%2FAWLyDM70gtP99GndQxfDX8q%2BcsYE7WYfUzS36jT9Vw2VIngJQLujZFbRld%2BCwLfIXZSXRbNzRvGWD6oyerSn8appUOozBkE4W0kPklG1VYa1BOMH%2B9K3Q4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=31992&min_rtt=21600&rtt_var=8788&sent=341&recv=109&lost=0&retrans=0&sent_bytes=352168&recv_bytes=21918&delivery_rate=6683&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4139&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 200 rec-1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
0 1ms
1ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N31QE5fDNifgMnzX0fOJkPLfd1AX9u%2FMLWCK5b22Wxfq7pM918fLU2BV5WnJV1BYaALDyzIu%2FrNDaOPiToxVAlkqMUFgXFhKKAJ4e4wYSTfrfuqK4ddMg66ACdUYDHfoY3NjivcAg9I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=141&recv=79&lost=0&retrans=0&sent_bytes=140227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a27c461-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 rec-2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
0 3ms
3ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2a8a"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZqb3uSi5hMfszcvcDd3wat3pa7f5k4xJHT9DtzSEsHQWXmqyEwnGzLOilB0%2FzZfsrh5BP%2Bam7zofq40o3sXyfx%2FQ%2BY6xfx7LNqadttneMemOJtTYrpixvLJ1eBbiGSqrtpbia0In1s%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=141&recv=79&lost=0&retrans=0&sent_bytes=140227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a2fc461-EWR
accept-ranges: bytes
content-length: 10890
server: cloudflare

GET
H3 200 rec-3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 15 KB
0 3ms
3ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3b71"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKIUxQTnpo5ekMru7tfjBeaRaWrETFxMSFvmDUxr7gekvGOKPp4Q%2FU7SeExvopZ2g2%2Fmv3EPg4Ie%2BfzE%2F%2BoWV8c6dIiN3gI7O5OHGKTvWGV0XphWmbasV8lf%2FlS79jUjnUmXq5FknF8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=141&recv=79&lost=0&retrans=0&sent_bytes=140227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a34c461-EWR
accept-ranges: bytes
content-length: 15217
server: cloudflare

GET
H3 200 rec-4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 9 KB
0 3ms
3ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-22c4"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TkLGZ3FBp%2FPtCXawUXmjzXZZO%2FSvViAVAxasJTXEHiUzngbAB6%2Bnd7Uy6bxVGVKRU5mrXAkUNZMl3xgQckjVmIHeioFQnXkGQT99qK0J5zttDNl%2FvCwlfwleiOFS59f6ry4Cbu%2Fp5GE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=958&x=1", cfExtPri, cfHdrFlush;dur=34
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a37c461-EWR
accept-ranges: bytes
content-length: 8900
server: cloudflare

GET
H3 200 rec-5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
0 3ms
3ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-335d"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3n%2B0nKtBa8QwdijmGSiy%2BIOh1cyr%2FLMoUuMVgQAM1cf13p3bK6R7DhPvdqwHTkvKfEvwckVLnWjvD3fJan6K5hOb8R323hWny0rfMU0OPgNDP%2Bq7BtJb0poldk8Fr%2FDelT1ChHiBFPo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=178&recv=79&lost=0&retrans=0&sent_bytes=183674&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=957&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a38c461-EWR
accept-ranges: bytes
content-length: 13149
server: cloudflare

GET
H3 200 rec-6.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 16 KB
0 3ms
3ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-6.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3e74"
age: 3086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoo0dPy5ctrtfNijM4vKbBnCOBYoSCjga%2B%2F4XYjHgadyCouKjR12Bq%2B1xpDVoshtoTxnZEx1HIswNzjqlA7oJRGP%2FGgYxO4cJEvH4SBox6EViknegCwJNEs6ZEnvUezzw6DHsp0dA50%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=28
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a3ec461-EWR
accept-ranges: bytes
content-length: 15988
server: cloudflare

GET
H3 200 rec-7.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
0 3ms
3ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-368b"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zU6ZtHKnC44GGpvXfCgXEw8OIEBjFZvotZvRhL6X9xD65UaJJojlBa%2FBvvotK%2FvmXuPSdhxDBTyLU%2BFm6XHb3UBN8UuiDQP0gwrGII7aS5AOq7zxY%2BhewKwxtjuWmPrSK38%2FffpbvZI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=190&recv=79&lost=0&retrans=0&sent_bytes=197795&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=958&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a43c461-EWR
accept-ranges: bytes
content-length: 13963
server: cloudflare

GET
H3 200 rec-8.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
0 4ms
4ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/rec-8.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-32c0"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpCltUdRsYHKwEHgaCFcke0eRUFZ4oh8IZRmeOdzaUQmHu1pPVmjhF6P5nHYsNWZ0zM%2B7vYrVHxZvAWcsRR4MutO65uVBQwl26umIaBP2wruSWgOTqrY1ecb2UUTgn38gy6z7vZ4ZG8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=32
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a45c461-EWR
accept-ranges: bytes
content-length: 12992
server: cloudflare

GET
H3 200 1.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 14 KB
0 4ms
4ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ksaajeu4sUn9yt9BOuM8oqcphpBmOMz%2FuObh7r%2FalgcOZs5gveiCbXFpbyoQbHDYEL6tAp3XSy5xpH0oDF99%2FES%2BZsdvCErkPIC6jeldGkiI%2F1VPDbpiZpNPjy2kub%2BPp98awfZMbqw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=32
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a48c461-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 2.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 21 KB
0 4ms
4ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-5305"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zZieB5YY7aCdgAujv%2FRGLlUqt%2Ba4eQxP9I2hRL9a9jhRseu7gaRM%2FlajG1BhpKV990gNzBDrsnYk%2ByaHQJnGvmeMnq48tO3Z%2FuUxTMw5xDGZxnKSlOIsAmyTlDFsWQkN2p193tq34o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=965&x=1", cfExtPri, cfHdrFlush;dur=33
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a4ac461-EWR
accept-ranges: bytes
content-length: 21253
server: cloudflare

GET
H3 200 3.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
0 4ms
4ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2b56"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8Hl07QNI2JYSzW4yCT1hf5mV9WaSHF4zshFCKmx%2BheTQ833Dp7kQSQFzB2amZhy%2Fo6ZIsM2N8u2xp0qBfKwPlvs4knGRhzr%2F%2FaoG8lgszC1x3MTKWaKkKAN1VnQ4DnVuPtOfMVijI0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=964&x=1", cfExtPri, cfHdrFlush;dur=36
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a4cc461-EWR
accept-ranges: bytes
content-length: 11094
server: cloudflare

GET
H3 200 4.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 13 KB
0 5ms
5ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-352b"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MHxTSwvlvk6wpI8IjTKOBKKpnAtOmYlYAmJOlZaIICxjM8%2B6gNnGL%2FtHOBu81I01wrEci8VvmOf3nKNMtD32DfUPROoJqA1qEu%2F1gbzWtHr3N8G8MaM1UK5XKfmhZQg%2Bol8sJ4wlH5I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=966&x=1", cfExtPri, cfHdrFlush;dur=34
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a51c461-EWR
accept-ranges: bytes
content-length: 13611
server: cloudflare

GET
H3 200 5.jpg
qwfuu.topads-site.com/fdze4mod1i/assets/ 11 KB
0 5ms
5ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwfuu.topads-site.com/fdze4mod1i/assets/5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qwfuu.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2dc1"
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUH1nUEmrf83MeChPSdbvSBXo3VOQkfTLDXfY64YuZ4%2Bk9WXYq%2BOy3nGTk9epwmLZ0t%2FLc0Rf1O9j78x9c7fHZi9ETyfVUwXmBJk2UW0Xv3dSJ%2BbNxYmALuMOPJvfjjvE7M%2FoTVX0iM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35220&min_rtt=21600&rtt_var=9015&sent=193&recv=79&lost=0&retrans=0&sent_bytes=200227&recv_bytes=17309&delivery_rate=624970&cwnd=60000&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=974&x=1", cfExtPri, cfHdrFlush;dur=29
date: Thu, 12 Dec 2024 04:21:47 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aedfb0a54c461-EWR
accept-ranges: bytes
content-length: 11713
server: cloudflare

GET
H3 200 main.js Show response
pa.topads-site.com/fdze4mod1i/assets/ 7 KB
4 KB 34ms
34ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/main.js
Requested by: Host: pa.topads-site.com
URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1d62"
age: 7107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEOaqHC8dbUS8tTAb1AX5c3bkNqGqf2ndrRnnOeWkYUWRSsO70myZ20pGb5TtO3m4Z9otW%2BVxPAFWf9W5mpdHeLamqYc36%2FUdwX6R8Zw2NbbGjlvbDApFF9CFYHUCrOS%2Bk9Qehw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29279&min_rtt=21600&rtt_var=7711&sent=358&recv=115&lost=0&retrans=0&sent_bytes=369857&recv_bytes=23922&delivery_rate=536904&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4279&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee0fdd94c461-EWR
server: cloudflare

GET
H3 200 style.css
pa.topads-site.com/fdze4mod1i/assets/ 22 KB
4 KB 35ms
34ms Stylesheet
text/css 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/style.css
Requested by: Host: pa.topads-site.com
URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6747379a-58e5"
age: 7107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AX4DfkzkVt0OWKErlxRSOSjSl%2Fkz5RAbGrcIn55fD6Mn%2BUQB7mkGskX%2Fla8Bcq20CHIMs8G7Xt49eqbcpA44%2Fcf8HUqzVEcQYSJrIR0IzUfvuEFyNlCaBv34BitKG6rKuPaDixc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29279&min_rtt=21600&rtt_var=7711&sent=362&recv=115&lost=0&retrans=0&sent_bytes=373729&recv_bytes=23922&delivery_rate=536904&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4279&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee0fdd95c461-EWR
server: cloudflare

GET
H3 200 thumb-big.jpg
pa.topads-site.com/fdze4mod1i/assets/ 81 KB
81 KB 50ms
49ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/thumb-big.jpg
Requested by: Host: pa.topads-site.com
URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-142bf"
age: 7107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=614N2cLaIVQlwD9OixxZD%2B3mSX2qt6jjfVeX5NIlCVNdZEJ4fxoibGEhHtfWhbcxNGXTXbAwa8wZIvqOPXU7i09m4PILiNCosbnk%2FkLoGy0jxDI0DBLDrC0A8wUxz2c%2FlJv44UY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29279&min_rtt=21600&rtt_var=7711&sent=366&recv=115&lost=0&retrans=0&sent_bytes=378149&recv_bytes=23922&delivery_rate=536904&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4285&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee0fdd98c461-EWR
accept-ranges: bytes
content-length: 82623
server: cloudflare

GET
H3 200 terms.js Show response
pa.topads-site.com/shared-js/assets/ 15 KB
6 KB 68ms
68ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.topads-site.com/shared-js/assets/terms.js?v=3
Requested by: Host: pa.topads-site.com
URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"67475928-3c54"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cg6Pt%2BuxWKF9O0mpCYmD69I7oKTYAB2JJvnvyejuYmS3OZxA5LgimsmBNHRsUinm5XBG0A14Z5o%2FFuSLbbIdZOxiYlz1OkBOMySDCjCaeevHvtbVPi%2BVKDvr2ARU1EZvYUDChfA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29279&min_rtt=21600&rtt_var=7711&sent=436&recv=115&lost=0&retrans=0&sent_bytes=461057&recv_bytes=23922&delivery_rate=536904&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4286&x=1", cfExtPri, cfHdrFlush;dur=27
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 17:38:48 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee0fdd9ac461-EWR
server: cloudflare

GET
H3 200 static-pl.js Show response
pa.topads-site.com/shared-js/assets/ 5 KB
3 KB 55ms
54ms Script
application/javascript 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.topads-site.com/shared-js/assets/static-pl.js?v=6
Requested by: Host: pa.topads-site.com
URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6747379a-1261"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D00Nn6Us53BBPP%2Bre6KktRH8ynEWQaftmOW47Q5F%2FKJol9jke2GprOu2GovJyi%2FtClbIHLRCW6bnngwR9d3ZIch7zCa1Gfrv6lJ0TmEdl6zoOanlshR67uPbpyHBHlWyOLU8vQI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35376&min_rtt=21600&rtt_var=7352&sent=443&recv=123&lost=0&retrans=0&sent_bytes=469209&recv_bytes=24702&delivery_rate=2373547&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4337&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee101dd5c461-EWR
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 /
pa.topads-site.com/fdze4mod1i/ 60 KB
60 KB 0ms
0ms Image
text/html 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Requested by: Host: pa.topads-site.com
URL: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVXw1VDF1QSubZTt%2FAWLyDM70gtP99GndQxfDX8q%2BcsYE7WYfUzS36jT9Vw2VIngJQLujZFbRld%2BCwLfIXZSXRbNzRvGWD6oyerSn8appUOozBkE4W0kPklG1VYa1BOMH%2B9K3Q4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0aee0dbabbc461-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31992&min_rtt=21600&rtt_var=8788&sent=341&recv=109&lost=0&retrans=0&sent_bytes=352168&recv_bytes=21918&delivery_rate=6683&cwnd=91200&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4139&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:50 GMT
content-type: text/html
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
server: cloudflare
priority: u=0,i

GET ps.js
pa.topads-site.com/ps/ 0
0

GET
H2 200 Primary Request news Show response
www.bing.com/ 551 KB
156 KB 524ms
123ms Document
text/html 23.44.201.20

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/news
Requested by: Host: pa.topads-site.com
URL: https://pa.topads-site.com/shared-js/assets/static-pl.js?v=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e82488e5acfb2776dcb5f0b6f2029f3709b0c9fa9534dab1b3aa653a5af35e6d

Request headers

Referer: https://pa.topads-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: private
content-encoding: br
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-K9v7CpHMpmWqX6zvkz6tE7E0DLE+bgW67WEqPq3yy8c='; base-uri 'self';report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 04:21:51 GMT
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
vary: Accept-Encoding
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e5b6
x-eventid: 675a64dfbfd74906a73b4ed28be2fc47
x-ua-compatible: IE=edge

GET
H3 200 rec-1.jpg
pa.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 41ms
39ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uJe4fQYyDnAXTwiCetoLuCcgLiDWJjXBgHABNjkicvYxvjniqQ88qAcVmfqzArzg38KuqTPNAL5o3bNarH2iHr6uFvTZnRDskd4eISX%2FycbUUllNIF4aXGL5KxDGwj5kbhBE2NE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=454&recv=140&lost=0&retrans=0&sent_bytes=472060&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4820&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee13397cc461-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 rec-2.jpg
pa.topads-site.com/fdze4mod1i/assets/ 11 KB
11 KB 47ms
45ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2a8a"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4Xg9amoKeMEmqP67sdxOymLSohv%2FtRfwd9LBZp2rHtPKTkDB93xrARlimQfW5GYoXxjffoTngvaB%2BrTU7qeS60tSX5mJrHQJUL%2F25Z00X74VE6KmWYx8fX0hY7yY%2BrkLwwGtZE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=481&recv=140&lost=0&retrans=0&sent_bytes=503710&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4822&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee13397fc461-EWR
accept-ranges: bytes
content-length: 10890
server: cloudflare

GET
H3 200 rec-3.jpg
pa.topads-site.com/fdze4mod1i/assets/ 15 KB
16 KB 46ms
43ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3b71"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSLyjZQhtr1tvmSCHk4eaRmjRTWI3p2BMUpl5BKTYs307QnYOs83I52QwcA%2FBikZEpXhXstigKmaqMDdt7wy0uOKweMgp4a9qoi85EsSUNxPyBJzIj%2BlA%2BDBM9dPprcMmN%2FZaho%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=467&recv=140&lost=0&retrans=0&sent_bytes=487465&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4821&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee133981c461-EWR
accept-ranges: bytes
content-length: 15217
server: cloudflare

GET
H3 200 rec-4.jpg
pa.topads-site.com/fdze4mod1i/assets/ 9 KB
9 KB 48ms
46ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-22c4"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toGbWCbo3mGJpEtMdMOjF0uuUlHMOJZ1h8Kw7cGf5Uz2T4JqXF1kjRmsip%2BdmSv6ISPlyajYxXXIyN9QQPsO7ZVsDq%2Fz7r8ZnF3DUPj6csZUwS7E2E%2FpPrZ7%2FhRIXtK6JJGGHWY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=491&recv=140&lost=0&retrans=0&sent_bytes=515530&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4823&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee133982c461-EWR
accept-ranges: bytes
content-length: 8900
server: cloudflare

GET
H3 200 rec-5.jpg
pa.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 51ms
49ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-335d"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Fx3N0vdLPk%2BaaoM%2BnUJBQqwrXBnu9cpeSE29ora%2BI4Sjfwwc19xxQQdxCkvrGj4bJ71aCqA4Y2cmSpAI0Vdix9ddiIBUy0uehTL27%2F1tVPW8JUkugKAN92ckD92fnHwp%2BBuZKU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=510&recv=140&lost=0&retrans=0&sent_bytes=537335&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4824&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee133984c461-EWR
accept-ranges: bytes
content-length: 13149
server: cloudflare

GET
H3 200 rec-6.jpg
pa.topads-site.com/fdze4mod1i/assets/ 16 KB
16 KB 49ms
47ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-6.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3e74"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6FwQWA%2FtLyND0GVTghL9UbUvV12%2F8kpsXwA1ZMFGJdXN5DwOEzNrQG0r82gzYfkRKozjlaeeVL6gddTcCgp%2BBpwTQNkRLFEJWRv8d10ThiK1J0lWrD6M%2FZXPKUKsBF%2Ba%2FTMMpyc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=500&recv=140&lost=0&retrans=0&sent_bytes=525335&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4823&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee134985c461-EWR
accept-ranges: bytes
content-length: 15988
server: cloudflare

GET
H3 200 rec-7.jpg
pa.topads-site.com/fdze4mod1i/assets/ 14 KB
14 KB 52ms
50ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-368b"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2BXKHrdDV%2BWwyJVhCWr0CZ6z068pV4hKVNLtwh%2FtmxrA16QVl1vJHCvhkFg9zqRaNernM3DPjx%2B25ujEB4%2ByvTNtGgakapkHhyh9VylJMYx79sO4dRQn454O%2B2cMiVjSZWeKyHU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=527&recv=140&lost=0&retrans=0&sent_bytes=556513&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4824&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee134986c461-EWR
accept-ranges: bytes
content-length: 13963
server: cloudflare

GET
H3 200 rec-8.jpg
pa.topads-site.com/fdze4mod1i/assets/ 13 KB
13 KB 74ms
72ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/rec-8.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-32c0"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gUx%2FcpzGiyx%2BYkZ61zpRhLahVeyX4GOJj4936jeoZgABh3AWJTOkyEyn%2BwMIWjYPNtXJ6GW8EohwBl8fzq0Bixt%2BCzzG%2FS5jRa7mT5Sm4HbArOiY5wL75ynIT8qblI05OzvP%2FbA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=540&recv=140&lost=0&retrans=0&sent_bytes=571485&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4825&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee134987c461-EWR
accept-ranges: bytes
content-length: 12992
server: cloudflare

GET
H3 200 1.jpg
pa.topads-site.com/fdze4mod1i/assets/ 14 KB
15 KB 76ms
74ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-3844"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46fc%2FiI4a2XLfmNDwqPCOWm%2FpGEdVkiGwFdm46dnPKOg0Wi37T3ugtnBhO74sPh2IapBhwjLWpFSLMjTGvbNH79wLf5%2BpFRtDuWb6mowtQSgRGtEpoIYsXevQxrTQsjrR3%2BVyPA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=541&recv=140&lost=0&retrans=0&sent_bytes=571633&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4825&x=1", cfExtPri, cfHdrFlush;dur=30
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee134989c461-EWR
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 2.jpg
pa.topads-site.com/fdze4mod1i/assets/ 21 KB
21 KB 76ms
74ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-5305"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xu4vKDP9iRGCuF3QMILjXBJg0htcCHlycBItb29ZUg93UNnn2g6aEaX66%2BQ1gV%2B4cZq30k%2BOvIqn8c%2Fkq%2Bh20SP5PcHv4b2dOmYIYk2XQKp5Q%2BbDlIkNChqPcfbTV6xiS5lSVN0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=541&recv=140&lost=0&retrans=0&sent_bytes=571633&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4828&x=1", cfExtPri, cfHdrFlush;dur=28
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee13498ac461-EWR
accept-ranges: bytes
content-length: 21253
server: cloudflare

GET
H3 200 3.jpg
pa.topads-site.com/fdze4mod1i/assets/ 11 KB
11 KB 77ms
75ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2b56"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hj87tZ0FBYU8NVL9U6oH9DmAGTxOI0vkjx9%2FqO2GLx7UhsNcmSWjzVUt8WG1LQnjII2WGeEyJ8v6Xf6BmzNBCl4yvudTeSn0sqCgdg9uUSsp1xi9o4ItB%2FRdiP7s20EEOmAhFxM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=541&recv=140&lost=0&retrans=0&sent_bytes=571633&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4826&x=1", cfExtPri, cfHdrFlush;dur=30
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee13498cc461-EWR
accept-ranges: bytes
content-length: 11094
server: cloudflare

GET
H3 200 4.jpg
pa.topads-site.com/fdze4mod1i/assets/ 13 KB
14 KB 78ms
76ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-352b"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0773VFglZXGaHSWLXfsF%2BJ2V0vKmjNO%2Fbav9DV6EKsTfSUqYWJMt7sWc9gJpWUItYSx7AN64B1yxvuciA96Beme7oBOYiuVe6jIyVI%2FBSBuJWOAut39OVr5CipyDIjwp%2B14JoFM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=541&recv=140&lost=0&retrans=0&sent_bytes=571633&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4825&x=1", cfExtPri, cfHdrFlush;dur=31
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee13498fc461-EWR
accept-ranges: bytes
content-length: 13611
server: cloudflare

GET
H3 200 5.jpg
pa.topads-site.com/fdze4mod1i/assets/ 11 KB
12 KB 79ms
77ms Image
image/jpeg 172.67.190.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.topads-site.com/fdze4mod1i/assets/5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pa.topads-site.com/fdze4mod1i/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&nrid=f4094887f2e24fecb802d82475f3e65b&tbd=864000&hash=fGAbryy1UlDlSqCPwvx_cw&exp=1733977606

Response headers

cf-cache-status: HIT
etag: "6747379a-2dc1"
age: 7108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LLJfVogaPSdNp1IxcNAVfvJv8%2BJtqYpD4HTQCQkBFvDd7rcL3oybetDqiXUJSpv4Sh3zN%2BeWVlzxCCkyuyYvdfVtcIauJGqUUWE0KQiQ8kKs3pYVPM4pGFS99iAPD6Pw9CIyhUQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31510&min_rtt=21600&rtt_var=8987&sent=541&recv=140&lost=0&retrans=0&sent_bytes=571633&recv_bytes=32012&delivery_rate=111&cwnd=99600&unsent_bytes=0&cid=d930a9eeca47e4ab&ts=4827&x=1", cfExtPri, cfHdrFlush;dur=31
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 15:15:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0aee134990c461-EWR
accept-ranges: bytes
content-length: 11713
server: cloudflare

GET
H2 200 8j1pxoa6lVSBuEk6LnFyGM_pxaU.br.css
r.bing.com/rp/ 1 KB
1 KB 121ms
73ms Stylesheet
text/css 23.44.201.20

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/8j1pxoa6lVSBuEk6LnFyGM_pxaU.br.css
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02735ca0389ca4b14f0eb6b4bd53d279887af449269a349e3bb8e09b1de1f212

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: snZEvTACesY6rlbEa7d1kg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC879128E6B9
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Fri, 13 Dec 2024 11:02:49 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:51 GMT
last-modified: Mon, 14 Oct 2024 19:36:57 GMT
content-type: text/css
cache-control: public, no-transform, max-age=110458
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 68f360f2-001e-006c-5cbb-36f99a000000
access-control-allow-origin: *
content-length: 515
akamai-grn: 0.aaca2c17.1733977311.9f3e693
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 -EZ3_E7ynAvG4WDjTxZ9rUpEwcA.br.js Show response
www.bing.com/rp/ 19 KB
8 KB 67ms
66ms Script
text/javascript 23.44.201.20

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/rp/-EZ3_E7ynAvG4WDjTxZ9rUpEwcA.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 525fa9e3b57abee5ed411c5eba2f74dff25d2591bbc142a976de1604e2502d9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/news

Response headers

content-md5: ubIJCEWm4UOwf1nNsWHafQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DD09299CE6ADE7
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 25 Nov 2024 18:19:46 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:51 GMT
last-modified: Wed, 20 Nov 2024 06:07:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=332511
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e65d
x-ms-request-id: 53ffa9b3-001e-0045-5a72-3b8fd8000000
access-control-allow-origin: *
content-length: 7594
akamai-grn: 0.2959c817.1732124285.7dc884cc
x-ms-blob-type: BlockBlob

GET
H2 200 X34ZXhnosR92xwKLdl9fnNZPvm4.br.css
r.bing.com/rp/ 29 KB
7 KB 73ms
72ms Stylesheet
text/css 23.44.201.20

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/X34ZXhnosR92xwKLdl9fnNZPvm4.br.css
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d8f63a2b6f611cb810b052ce1506897d3853de261b55e05fdb2cb1f27e10b691

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: lP9NnSmszh0xlbqJaGiVIA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DD049132243D17
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Fri, 13 Dec 2024 03:03:17 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:51 GMT
last-modified: Thu, 14 Nov 2024 09:46:21 GMT
content-type: text/css
cache-control: public, no-transform, max-age=81686
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 16e07b5a-601e-0033-42c6-360b64000000
access-control-allow-origin: *
content-length: 6881
akamai-grn: 0.aaca2c17.1733977311.9f3e69b
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 CZwKVRB4ciQqBqIc5xpa4fPkn8A.js Show response
r.bing.com/rs/6r/f0/jnc,nj/ 85 KB
32 KB 423ms
31ms Script
application/x-javascript 23.44.201.31

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rs/6r/f0/jnc,nj/CZwKVRB4ciQqBqIc5xpa4fPkn8A.js?or=w
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.31 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 0a6af207f11b2c723d038ee5744976820f07d77b8852912fe131a168b9053ba4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

x-as-machinename: BNZEEAP0002B5A3
x-eventid: 67237d5e8e454f38a3f518f6efc5a696
content-encoding: br
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
expires: Mon, 16 Dec 2024 02:15:39 GMT
alt-svc: h3=":443"; ma=93600
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-suppresssetcookie: 1
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 12:41:15 GMT
access-control-allow-headers: *
date: Thu, 12 Dec 2024 04:21:52 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=338027
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-/guYmS587GJEJoI2etrGSoN21vpX8Xm1hvspJJ4N8Mo='; base-uri 'self';report-to csp-endpoint
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
access-control-allow-origin: *
content-length: 31783
akamai-grn: 0.a4ca2c17.1733977312.8e7dcfd
server: Kestrel

GET
H2 200 th
www.bing.com/ 4 KB
5 KB 66ms
65ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.fd109371890aabe27b25aff06e448923&pid=Wdp&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73305aa90a83ba24d504f6f4cfac2148dd035b170c5b514f0c473cbf57f96e89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e6a1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 4452
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 4 KB
5 KB 66ms
66ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.1d3777a191e818e8ba43c1b658c7b213&pid=Wdp&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0fc54cdca3cc1b39c507ee67da3fc14665b100b91ad3378f7a5b86555b811af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e6a2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 4586
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 5 KB
6 KB 68ms
60ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.1ZiZIY-6BKvZl3H0mzQhxi&pid=News&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58a5412cf7c1f48b94fd8136b07a212d54bc30fae81e56bf296b5f3cb99bec7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e72b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 5477
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 6 KB
6 KB 69ms
61ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.8dfd833404d7c5dde5214e2ffe549c6b&pid=Wdp&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9793b59b3a940b4fe7d8621296b3e419951efee432c416b20959f502e4d21fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e72c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 5731
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 6 KB
6 KB 69ms
62ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.DMVMBM3A-tvc2qS_AYZHMC&pid=News&w=308&h=178&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff2d02c1a69f7644b6b9cf3911baa0feabd9d189a2a10a4a296ef7db369f57f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e72d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 6015
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 70ms
64ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.b5edb181d7e28180db631c70766beaf9&pid=Wdp&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18ce802614c49e87b5ce34344fa36d7c251d13abe25b299cb909731d7ae296fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e72e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1427
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 76ms
69ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.zxIPZMvERIUWrjySVUdeyi&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f7c206d9812ce4a79699a1391dc94c17d672266b2eb4cab1781161d0d383f70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e72f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1237
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 2 KB
2 KB 76ms
70ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.QAPVV2Ov8KrHvoBwB62GhS&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a46d74a13c81d42c496c05521c08205f84adfc1d12d23d925b4daf4c15c268

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e730
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1653
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 85ms
79ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.nj0ANoRQud2xzq-6LsAjHS&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3e328b08cd318cc2dfa33be5509f5e8a487830d7dff898958192be70d91cba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e731
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1429
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 76ms
70ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.6WLlfYz16JUFSBjMOHkrHC&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf26eb183ebfc14b826c29cddd9cb95a1fd170558da95eefd3e05d38f6e817fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e732
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1521
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 1 KB
2 KB 76ms
71ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.JBOqk6VkuV6QFJ2KtMtgCy&pid=News&w=66&h=66&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f80b40861f1f0ddb1013f68fdc0f57cca5f3aa3e1754439edb0eac5d6288d8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e733
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1221
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 7 KB
7 KB 76ms
72ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.FvGZ0WxTF5rgZToJCPXavi&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 370d045aa7d2f0af1ef6c2e467879fa2d7fef68f7ab48403e208e6328f6f29ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e734
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 6950
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 8 KB
8 KB 86ms
81ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.LZsMm338lsDehCt964ly7S&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 914e700ed090b9188488cdb8adfc60d5fa96e3ee07fa2d841db695d868809732

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e735
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 7855
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 10 KB
10 KB 86ms
82ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.cFhrPsqmFbqOVbvLr5mDhy&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f3037f427b0651f962483d0639aff39d94819adee525f2db475a18e2c1afdae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e736
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 9940
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 8 KB
9 KB 92ms
88ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OVFT.kT3G7PgRei61MmgWKZXMpC&pid=News&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 982e27051d37cbf097036191309417143cf1f85e3f90fa687a7732538c5122df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e737
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 8501
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 th
www.bing.com/ 9 KB
10 KB 87ms
83ms Image
image/jpeg 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.2f2defff528e8f9ed7e3f181305b0497&pid=Wdp&w=300&h=200&c=14&rs=2&qlt=30
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6da0347896cbc001f4d52a99607ade78afb58482d7f477bd1dbc2918d92f8377

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e740
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 9426
date: Thu, 12 Dec 2024 04:21:51 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 X36VNDAC44NgoMtBJ54W0f5aDP8.png
r.bing.com/rp/ 229 B
822 B 84ms
80ms Image
image/png 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.bing.com/rp/X36VNDAC44NgoMtBJ54W0f5aDP8.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c66cf10a2e1ee46e56380c7d98d59a42a87e0317a283c63b389643710de56f56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: 3TQxU4vWqZvFyuSag0k4zA==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCD88EAA11BE8D
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Fri, 13 Dec 2024 06:03:28 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:51 GMT
last-modified: Thu, 19 Sep 2024 09:37:23 GMT
content-type: image/png
cache-control: public, no-transform, max-age=92497
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: b85f2a19-101e-0078-23e6-143afe000000
access-control-allow-origin: *
content-length: 229
akamai-grn: 0.aaca2c17.1733977311.9f3e741
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 fR5Lloge8ADOj_fhhjhY_5ZehaU.br.js Show response
r.bing.com/rp/ 942 B
1 KB 359ms
44ms Script
text/javascript 23.44.201.31

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/fR5Lloge8ADOj_fhhjhY_5ZehaU.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.31 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c336ef4f4bdcd30e14778115c208f64423618e2c0ea8dbe9128db5861f88536c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

content-md5: LEeKMPMOEm6Ji3MsKdF8lQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCD88FDB2E6100
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 16 Dec 2024 00:54:31 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:52 GMT
last-modified: Thu, 19 Sep 2024 09:45:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=333159
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 03e64ebb-101e-001e-5d17-1788a4000000
access-control-allow-origin: *
content-length: 489
akamai-grn: 0.a4ca2c17.1733977312.8e7dd01
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 qwce00QJxdHzNxXh5H1mBc8QgBU.br.js Show response
r.bing.com/rp/ 280 B
797 B 358ms
44ms Script
text/javascript 23.44.201.31

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.31 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02f6e697a3aab3be32f5fb28488862bf9ed344b4d60ccdf85cd1e244ff285c62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

content-md5: v9w4V2ItZPq2nYGNSEmAzA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCD890F8606BAA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 17 Dec 2024 03:39:58 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:52 GMT
last-modified: Thu, 19 Sep 2024 09:53:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=429486
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: f7644f35-d01e-0047-53ba-168d22000000
access-control-allow-origin: *
content-length: 181
akamai-grn: 0.a4ca2c17.1733977312.8e7dcff
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js Show response
r.bing.com/rp/ 76 B
680 B 357ms
43ms Script
text/javascript 23.44.201.31

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.31 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8149ebbab97636b492c4577e5d86b65001e672718bbd01218d8888b9989e7e4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

content-md5: z5nlqd31IzcYeLY5KGuaJg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC862D6A0D11
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 15 Dec 2024 14:51:38 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:52 GMT
last-modified: Mon, 14 Oct 2024 19:27:01 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=296986
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 5ff37aee-d01e-0047-16e7-218d22000000
access-control-allow-origin: *
content-length: 68
akamai-grn: 0.a4ca2c17.1733977312.8e7dd00
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 yG-VKtw9KVp4guUc78vx7p1Xo98.br.js Show response
r.bing.com/rp/ 2 KB
2 KB 359ms
45ms Script
text/javascript 23.44.201.31

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/yG-VKtw9KVp4guUc78vx7p1Xo98.br.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.31 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 17223dfcebe207a74d3638e5c03424a7989a835a55aa7d89a7ee12e9ac0ef9e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bing.com
Referer: https://www.bing.com/

Response headers

content-md5: obKYbgVyeZWj0Mk5+rsF1Q==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DD0EB4A9C775E4
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sat, 14 Dec 2024 05:42:56 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 27 Nov 2024 07:25:26 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=177664
timing-allow-origin: *
x-ms-request-id: b5a82323-a01e-006a-5787-460ee2000000
access-control-allow-origin: *
content-length: 1012
akamai-grn: 0.8b463917.1733350649.13c2b8c, 0.9e463917.1733351473.a54274c, 0.a4ca2c17.1733977312.8e7dcfe
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 ytiieusXgM2K8bLkEDP-AS1ePds.png
r.bing.com/rp/ 109 B
702 B 83ms
80ms Image
image/png 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.bing.com/rp/ytiieusXgM2K8bLkEDP-AS1ePds.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bc2fafdf3346ba2de5004898e2c58e47182fda26518d240fd1b0628e6329ed1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

content-md5: WjmO2nysm67xmONlqywoRQ==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCD8920311AB40
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sat, 14 Dec 2024 07:10:48 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:51 GMT
last-modified: Thu, 19 Sep 2024 10:01:20 GMT
content-type: image/png
cache-control: public, no-transform, max-age=182937
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 907fda30-701e-002c-536f-18d074000000
access-control-allow-origin: *
content-length: 109
akamai-grn: 0.aaca2c17.1733977311.9f3e742
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

Content-Type: image/png

GET
H2 200 kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png
www.bing.com/rp/ 9 KB
10 KB 69ms
68ms Image
image/png 23.44.201.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png
Requested by: Host: www.bing.com
URL: https://www.bing.com/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf7fe8197902b32ce2c83f05db73255553c716ac7b084ff1878e617963d0f51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/news

Response headers

content-md5: GUexVzkiHrDbJxwd2PleRg==
akamai-amd-bc-debug: [a=23.198.215.137,b=898732048,c=c,d=1733807145,h=304,k=1,l=0,n=US_NJ_PISCATAWAY,o=20940,r=1]
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCD89041252B92
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Thu, 07 Nov 2024 01:05:03 GMT
alt-svc: h3=":443"; ma=93600
date: Thu, 12 Dec 2024 04:21:51 GMT
last-modified: Thu, 19 Sep 2024 09:48:45 GMT
content-type: image/png
cache-control: public, no-transform, max-age=430077
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.aaca2c17.1733977311.9f3e743
x-ms-request-id: a3106b97-001e-0023-678e-153d82000000
access-control-allow-origin: *
content-length: 9310
akamai-grn: 0.91f3da17.1733887594.1a9106fc
x-ms-blob-type: BlockBlob

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

Content-Type: image/gif

OPTIONS partners
ads.msn.com/ 0
0

GET
DATA 200
OK truncated
/ 870 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bing.com/

Response headers

Content-Type: image/svg+xml

POST partners
ads.msn.com/ 0
0

GET qZeFzs7d4zbqMjvSUX0ww-DN1bY.png
www.bing.com/rp/ 0
0

GET ZricD7XDh2XWjN68qgUU8lqqArQ.png
www.bing.com/rp/ 0
0

GET oTTencFaM9pqcB0XZcRB3MYB8Uc.png
www.bing.com/rp/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pa.topads-site.com
URL: https://pa.topads-site.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=phn&click_id=f1a0de4ffda52f161454304881f9075e-11246-1212&sub_id=parkdom&appspot=&d=https%3A%2F%2Fpa.topads-site.com&timeout=864000&tb=true&nrid=f4094887f2e24fecb802d82475f3e65b

Domain: ads.msn.com
URL: https://ads.msn.com/partners?ocid=BingNewsBrowse&apikey=pWikTTBJ9kfC1SEMp551YadtWpusjFmtbLaRCzNYGA

Domain: ads.msn.com
URL: https://ads.msn.com/partners?ocid=BingNewsBrowse&apikey=pWikTTBJ9kfC1SEMp551YadtWpusjFmtbLaRCzNYGA

Domain: www.bing.com
URL: https://www.bing.com/rp/qZeFzs7d4zbqMjvSUX0ww-DN1bY.png

Domain: www.bing.com
URL: https://www.bing.com/rp/ZricD7XDh2XWjN68qgUU8lqqArQ.png

Domain: www.bing.com
URL: https://www.bing.com/rp/oTTencFaM9pqcB0XZcRB3MYB8Uc.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.main.proffering.xyz/	1970-01-21 01:41:03	Name: 15GUILo Value: 1
.main.proffering.xyz/	1970-01-21 01:41:03	Name: pc-cid Value: f1a0de4ffda52f161454304881f9075e-11246-1212
.main.proffering.xyz/	1970-01-21 01:41:03	Name: pc-campaign Value: 15GUIL
.main.proffering.xyz/	1969-12-31 23:59:59	Name: pc-linf Value:
qwfuu.altaircastor.com/	1970-01-21 01:45:22	Name: W7-lkuObDEWXzHM4LgqUhA Value: 19
qwfuu.altaircastor.com/	1970-01-21 11:15:37	Name: __pl Value: 8936ac5d-fff3-42c6-9993-a46cc9c5bb6f
qwfuu.altaircastor.com/	1970-01-21 01:39:40	Name: __cap Value: 1
qwfuu.topads-site.com/	1970-01-21 11:15:37	Name: __psu Value: 5e795746-3251-4e85-bdae-b74a0d66f720

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://longi-cba.com/zclkvisitor/97e41664-b840-11ef-89e3-0afff75116cd/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=201c7200-9877-11ef-a47d-12832fc4c381 Message: [GroupMarkerNotSet(crbug.com/242999)!:A070670024020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.msn.com
d38psrni17bvxu.cloudfront.net
longi-cba.com
main.proffering.xyz
pa.topads-site.com
qwfuu.altaircastor.com
qwfuu.topads-site.com
r.bing.com
www.bing.com
www.gstatic.com
www.service.sexyclicks.com
ads.msn.com
pa.topads-site.com
www.bing.com
13.33.251.117
142.250.65.227
147.182.253.216
172.67.186.42
172.67.190.135
23.44.201.20
23.44.201.31
3.231.99.165
75.2.18.233
02735ca0389ca4b14f0eb6b4bd53d279887af449269a349e3bb8e09b1de1f212
02f6e697a3aab3be32f5fb28488862bf9ed344b4d60ccdf85cd1e244ff285c62
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
0a6af207f11b2c723d038ee5744976820f07d77b8852912fe131a168b9053ba4
0f7c206d9812ce4a79699a1391dc94c17d672266b2eb4cab1781161d0d383f70
17223dfcebe207a74d3638e5c03424a7989a835a55aa7d89a7ee12e9ac0ef9e9
1824cd327adc006e13218157aa28338d22249c3b2a7fcfa090072b8dfdf08a87
18ce802614c49e87b5ce34344fa36d7c251d13abe25b299cb909731d7ae296fe
1f3037f427b0651f962483d0639aff39d94819adee525f2db475a18e2c1afdae
2136eb8d16f6998845c22535c39ecac94988841782a6fae6175e81f4e8af3cee
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
30e5565eaab1c6a67ec00664541e8c7fbaab307ceb3022a3e00d1ed0a376d46f
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1
350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd
370d045aa7d2f0af1ef6c2e467879fa2d7fef68f7ab48403e208e6328f6f29ec
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
48a46d74a13c81d42c496c05521c08205f84adfc1d12d23d925b4daf4c15c268
49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
525fa9e3b57abee5ed411c5eba2f74dff25d2591bbc142a976de1604e2502d9e
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
58a5412cf7c1f48b94fd8136b07a212d54bc30fae81e56bf296b5f3cb99bec7e
5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6da0347896cbc001f4d52a99607ade78afb58482d7f477bd1dbc2918d92f8377
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
73305aa90a83ba24d504f6f4cfac2148dd035b170c5b514f0c473cbf57f96e89
7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6
7f3e328b08cd318cc2dfa33be5509f5e8a487830d7dff898958192be70d91cba
8149ebbab97636b492c4577e5d86b65001e672718bbd01218d8888b9989e7e4e
8f80b40861f1f0ddb1013f68fdc0f57cca5f3aa3e1754439edb0eac5d6288d8d
8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16
914e700ed090b9188488cdb8adfc60d5fa96e3ee07fa2d841db695d868809732
9499f211ffcce50cc6924ed4b36e6d53a7bcbfce19172b5b5918d9f616adc7b7
982e27051d37cbf097036191309417143cf1f85e3f90fa687a7732538c5122df
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
a9793b59b3a940b4fe7d8621296b3e419951efee432c416b20959f502e4d21fb
af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047
b0fc54cdca3cc1b39c507ee67da3fc14665b100b91ad3378f7a5b86555b811af
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd
bc2fafdf3346ba2de5004898e2c58e47182fda26518d240fd1b0628e6329ed1d
bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668
c336ef4f4bdcd30e14778115c208f64423618e2c0ea8dbe9128db5861f88536c
c46c955ff315766d3f9454fae48c7043233a2490689086c8613dbb37bca8fc46
c66cf10a2e1ee46e56380c7d98d59a42a87e0317a283c63b389643710de56f56
c9f4e1af6dae5a9aa102b26ff4a5fe946b07557758028371710ef8e811459d58
cd2332792852c2a4c36d68e5eca29051c31d1644d61646b691615aa6ceeaa49e
cf26eb183ebfc14b826c29cddd9cb95a1fd170558da95eefd3e05d38f6e817fc
d8f63a2b6f611cb810b052ce1506897d3853de261b55e05fdb2cb1f27e10b691
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838
e82488e5acfb2776dcb5f0b6f2029f3709b0c9fa9534dab1b3aa653a5af35e6d
e9de09f269bed108c6c88f6f5f0650db1547a23e6f180b5fd212869cd7b4990c
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
f98b22d07cb47175205b82d6d2a60409799180788712f097facbe2cdfffc6a28
fbf7fe8197902b32ce2c83f05db73255553c716ac7b084ff1878e617963d0f51
ff2d02c1a69f7644b6b9cf3911baa0feabd9d189a2a10a4a296ef7db369f57f0

www.bing.com Open in urlscan Pro 23.44.201.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

95 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

8 IPs

1 Countries

1136 kBTransfer

2281 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 27 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bing.com Open in urlscan Pro
23.44.201.20 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

95 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

8
IPs

1
Countries

1136 kB
Transfer

2281 kB
Size

8
Cookies

111 HTTP transactions
27 data transactions