urlscan.io logo urlscan.io
SecurityTrails logo

fridaynightfunkin.angryuser.help Open in urlscan Pro
79.133.46.122  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fridaynightfunkin.angryuser.help/
Effective URL: https://fridaynightfunkin.angryuser.help/
Submission: On May 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 46 HTTP transactions. The main IP is 79.133.46.122, located in Germany and belongs to DE-FIRSTCOLO firstcolo.net, DE. The main domain is fridaynightfunkin.angryuser.help.
TLS certificate: Issued by R3 on April 3rd 2024. Valid for: 3 months.
This is the only time fridaynightfunkin.angryuser.help was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    79.133.46.122 (Germany)

ASN44066 (DE-FIRSTCOLO firstcolo.net, DE)
fridaynightfunkin.angryuser.help
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
lh3.googleusercontent.com
Apex Domain
Subdomains		 Transfer
27 angryuser.help
fridaynightfunkin.angryuser.help
2 MB
8 gstatic.com
fonts.gstatic.com
251 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
123 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
192 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 44
10 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
266 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
46 8
Domain Requested by
27 fridaynightfunkin.angryuser.help fridaynightfunkin.angryuser.help
8 fonts.gstatic.com fonts.googleapis.com
fridaynightfunkin.angryuser.help
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 pagead2.googlesyndication.com fridaynightfunkin.angryuser.help
pagead2.googlesyndication.com
2 fonts.googleapis.com fridaynightfunkin.angryuser.help
1 lh3.googleusercontent.com fridaynightfunkin.angryuser.help
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com fridaynightfunkin.angryuser.help
46 8

This site contains links to these domains. Also see Links.

Domain
gacha.angryuser.help
poppyplaytime.angryuser.help
brawl.angryuser.help
transposh.org
Subject Issuer Validity Valid
fridaynightfunkin.angryuser.help
R3		 2024-04-03 -
2024-07-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://fridaynightfunkin.angryuser.help/
Frame ID: A2EE96A5D34E331C6ECF0969E754AA3D
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Все для игры Friday Night Funkin — файлы, моды, игра онлайн, справка

Page URL History Show full URLs

  1. http://fridaynightfunkin.angryuser.help/ HTTP 307
    https://fridaynightfunkin.angryuser.help/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

2697 kB
Transfer

4183 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fridaynightfunkin.angryuser.help/ HTTP 307
    https://fridaynightfunkin.angryuser.help/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fridaynightfunkin.angryuser.help/
Redirect Chain
  • http://fridaynightfunkin.angryuser.help/
  • https://fridaynightfunkin.angryuser.help/
52 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PHP/8.0.30 PleskLin
Resource Hash
d436260dd3f79207dc96ed8cae7690b93f3a514c7048968603add7665834501e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
10673
content-type
text/html; charset=UTF-8
date
Tue, 21 May 2024 15:35:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Wed, 20 Apr 2022 07:53:22 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.0.30 PleskLin

Redirect headers

Location
https://fridaynightfunkin.angryuser.help/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
fridaynightfunkin.angryuser.help/wp-includes/css/dist/block-library/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 02:36:08 GMT
server
nginx
etag
W/"660cc098-1bae5"
x-powered-by
PleskLin
content-type
text/css
kk-star-ratings.min.css
fridaynightfunkin.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/css/ 		2 KB
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Sun, 28 Jan 2024 17:40:22 GMT
server
nginx
etag
W/"65b69186-8d3"
x-powered-by
PleskLin
content-type
text/css
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a43b52551128afc75d151d3601470850d85aabd4ce7275a7fb6ba59a39231ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 May 2024 15:25:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 May 2024 15:35:32 GMT
style.min.css
fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/css/ 		163 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/css/style.min.css
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4dfe805ab2bed8d37971273a380cba262da43634048d8741a032015eb256c201

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 14:34:06 GMT
server
nginx
etag
W/"637b8c5e-28a9a"
x-powered-by
PleskLin
content-type
text/css
style.css
fridaynightfunkin.angryuser.help/wp-content/themes/root_child/ 		278 B
429 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/themes/root_child/style.css
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
53cb486a3f6a61535fd7bb4fa01a15a1b1154f18e5f14ce32950ec257bc66aba

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
x-accel-version
0.01
etag
"116-5d93e40540080-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
222
jquery.min.js
fridaynightfunkin.angryuser.help/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-includes/js/jquery/jquery.min.js
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 01:34:08 GMT
server
nginx
etag
W/"654ae590-15601"
x-powered-by
PleskLin
content-type
text/javascript
style.css
fridaynightfunkin.angryuser.help/wp-topfile/ 		2 KB
680 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-topfile/style.css
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ad5813737c44162a43de03d9cdcc06d8fbd5bc3991873819a89cf544d038f822

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 10:14:02 GMT
server
nginx
etag
W/"628cafea-751"
x-powered-by
PleskLin
content-type
text/css
js
www.googletagmanager.com/gtag/ 		301 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZFV6TXLCTH
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
854ddf23e95aabe0abe86b196b75864d8326ceededc54bbc7a895adeb5c1989e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102280
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 May 2024 15:35:32 GMT
fontawesome-webfont.ttf
fridaynightfunkin.angryuser.help/wp-content/themes/root/fonts/ 		162 KB
162 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/themes/root/fonts/fontawesome-webfont.ttf
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Mon, 21 Nov 2022 14:34:06 GMT
server
nginx
etag
"637b8c5e-286ac"
x-powered-by
PleskLin
content-type
font/ttf
accept-ranges
bytes
content-length
165548
Friday_Night_Funkin.png
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/ 		245 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/Friday_Night_Funkin.png
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
cdfa9b19ab958b8f561096dea7158090b067699d030e59e822466c703efaac37

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
etag
"621f9272-3d5b2"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
251314
friday-night-funkin.png
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/ 		477 KB
478 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/friday-night-funkin.png
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
12d2528285c2b04109501e2f6b0b4c4af722c38b05d34bc1a54a74d7dccd2e9f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
etag
"621f9272-77524"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
488740
friday-night-funkin-screen1.png
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/ 		429 KB
430 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/friday-night-funkin-screen1.png
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d5920e34f37f28c71fa94aea4f348c82695ba1cf442a817f7debd7d0b7025cb7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
etag
"621f9272-6b4f5"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
439541
friday-night-funkin-screen2.png
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/ 		309 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/friday-night-funkin-screen2.png
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b2053eee01cef375a55fb4541d34f6f89a137a0182aba6ea7afbe6863c151f31

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
etag
"621f9272-4d203"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
315907
poppy-playtime.webp
fridaynightfunkin.angryuser.help/wp-content/uploads/2022/06/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2022/06/poppy-playtime.webp
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
40c09c88b06f8efef77ba9e5855940e42279a3a29575d0b214a7694a14038754

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 22 Jun 2022 13:22:56 GMT
server
nginx
etag
"62b317b0-190d8"
x-powered-by
PleskLin
content-type
image/webp
accept-ranges
bytes
content-length
102616
tplogo.png
fridaynightfunkin.angryuser.help/wp-content/plugins/transposh-translation-filter-for-wordpress/img/ 		997 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/plugins/transposh-translation-filter-for-wordpress/img/tplogo.png
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
805fc1a189f57a20a8b2245e1cc243456ca1c873dfd741aceccc306d30ead935

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Sat, 22 Oct 2022 11:25:36 GMT
server
nginx
x-accel-version
0.01
etag
"3e5-5eb9dd1372c00"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
997
download-timer.js
fridaynightfunkin.angryuser.help/wp-content/plugins/download-timer/js/ 		1 KB
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/plugins/download-timer/js/download-timer.js
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e7be354a4fc5292f065433736862a2d398e2494fa76389beb4f2ae44155ce24b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Mon, 13 May 2024 19:30:47 GMT
server
nginx
etag
W/"66426a67-5f9"
x-powered-by
PleskLin
content-type
text/javascript
kk-star-ratings.min.js
fridaynightfunkin.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/js/ 		1 KB
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Sun, 28 Jan 2024 17:40:22 GMT
server
nginx
etag
W/"65b69186-54f"
x-powered-by
PleskLin
content-type
text/javascript
lightbox.min.js
fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/js/plugins/ 		2 KB
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/js/plugins/lightbox.min.js
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 14:34:06 GMT
server
nginx
etag
W/"637b8c5e-616"
x-powered-by
PleskLin
content-type
text/javascript
scripts.min.js
fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/js/scripts.min.js
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 14:34:06 GMT
server
nginx
etag
W/"637b8c5e-1d5e"
x-powered-by
PleskLin
content-type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abdf3dfc88bc35325ecf3af7356b71b54862aac4fcb3962b7bd9df7cec43c259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52968
x-xss-protection
0
server
cafe
etag
14083773834749876185
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 21 May 2024 15:35:32 GMT
fnf-bg1-1.jpg
fridaynightfunkin.angryuser.help/wp-content/uploads/2022/06/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2022/06/fnf-bg1-1.jpg
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
dd7fc11191a3e672da8bd34cda5bc4881f00f973176e2be30ee44b9908a8192f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Mon, 13 Jun 2022 15:47:22 GMT
server
nginx
etag
"62a75c0a-79f1"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
31217
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1ac53e44767e808ff66b3ce88ebed0049f3d9cba0d1af7554c94bfe0b29b85b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:19:23 GMT
x-content-type-options
nosniff
age
4569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:19:23 GMT
fontawesome-webfont.woff2
fridaynightfunkin.angryuser.help/wp-content/themes/root/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/wp-content/themes/root/assets/css/style.min.css
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Mon, 21 Nov 2022 14:34:06 GMT
server
nginx
etag
"637b8c5e-12d68"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
77160
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:31:42 GMT
x-content-type-options
nosniff
age
3830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:31:42 GMT
KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v30/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6933e678530b263486fa7b185a449cac947e1496ef61d496642032f339e9e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:23:11 GMT
x-content-type-options
nosniff
age
4341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10292
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:23:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:20:12 GMT
x-content-type-options
nosniff
age
4520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:20:12 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:15:12 GMT
x-content-type-options
nosniff
age
4820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:15:12 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 04:13:04 GMT
x-content-type-options
nosniff
age
40948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 04:13:04 GMT
glavnoe-3-330x140.jpg
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/06/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/06/glavnoe-3-330x140.jpg
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d0b5affae12bb850f763964eba21fe0b2ee874512498fed3a0b9060f13418174

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:16 GMT
server
nginx
etag
"621f9274-4da1"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
19873
indi-cross-330x140.jpg
fridaynightfunkin.angryuser.help/wp-content/uploads/2022/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2022/06/indi-cross-330x140.jpg
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
82b26a2b9aed3fb6c36c4900c99b2f8bfea4b1fcfd5d1f1881d338f5759764f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Mon, 20 Jun 2022 19:42:06 GMT
server
nginx
etag
"62b0cd8e-3e29"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
15913
golovne-1-330x140.jpg
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/10/golovne-1-330x140.jpg
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
33734f0612846b9fea603b5ac1df506eb1fb3555ae3a2be35348fa8d1daf0a24

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
etag
"621f9272-403d"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
16445
golovne-4-330x140.jpg
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/08/golovne-4-330x140.jpg
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8db5707b30e225e73a9b9b7d5a921004e275fd27a3c633de1f52ce55d05892d4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:16 GMT
server
nginx
etag
"621f9274-346a"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
13418
sonik-330x140.jpg
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/12/sonik-330x140.jpg
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c554c05c5b4210ec94eb5bb1ad654620baf7d98bafdc5aadceec0c84690f67d9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
etag
"621f9272-455c"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
17756
fnf-vs-ben-drowned--330x140.webp
fridaynightfunkin.angryuser.help/wp-content/uploads/2022/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2022/11/fnf-vs-ben-drowned--330x140.webp
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ff55d8b291619973dd66311bb10e36595adcfea98d2f618b1e18adb02b319f9b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
last-modified
Fri, 18 Nov 2022 11:46:34 GMT
server
nginx
etag
"6377709a-1f88"
x-powered-by
PleskLin
content-type
image/webp
accept-ranges
bytes
content-length
8072
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405150101/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5534106068881534&plah=fridaynightfunkin.angryuser.help&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b854fe5ff1e79aeb5a5e207d4743926b69ce96fb553878f8b8436d7ed59c5133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143706
x-xss-protection
0
server
cafe
etag
1433029875820013864
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 21 May 2024 15:35:32 GMT
collect
region1.google-analytics.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZFV6TXLCTH&gtm=45je45f0v9137266191za200&_p=1716305732320&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1056038034.1716305732&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716305732&sct=1&seg=0&dl=https%3A%2F%2Ffridaynightfunkin.angryuser.help%2F&dt=%D0%92%D1%81%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D0%B8%D0%B3%D1%80%D1%8B%20Friday%20Night%20Funkin%20%E2%80%94%20%D1%84%D0%B0%D0%B9%D0%BB%D1%8B%2C%20%D0%BC%D0%BE%D0%B4%D1%8B%2C%20%D0%B8%D0%B3%D1%80%D0%B0%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%2C%20%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BA%D0%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=639
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZFV6TXLCTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 15:35:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fridaynightfunkin.angryuser.help
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-5534106068881534
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5534106068881534?href=https%3A%2F%2Ffridaynightfunkin.angryuser.help&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5534106068881534&plah=fridaynightfunkin.angryuser.help&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9eb0a974b373bf1234054c72809b9a5fd0dc936f7c820266a5a074faa4e038ff
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-awxgSbUEGhlgh3-hCYTJEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:32 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-awxgSbUEGhlgh3-hCYTJEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBiOHHrNtMFID7vdIfpOhAbaDxnsgBiia8vmbSAOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAnPTvPGsJEO9cfIH1IBCvOnKBdRMQt3--wDoTiL-xX2T9B8RljhdZ64BYiIfjyL9Nm9gEOiYuu8ikpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgamipZ2AeX2AAACazS9c"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXiFlx3fV2q0zLhfLWsIAQ930ThBzpqI6UK11IOBUsJzmusi4_qIID1SAtZwjBZz4N0TeReMgf4RwHt74UBFmcR5iRal53EwwuG0_oUtsjWls5nipSpVrhuRLC7zSh6dpSsz69LEg==
fundingchoicesmessages.google.com/f/ 		399 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXiFlx3fV2q0zLhfLWsIAQ930ThBzpqI6UK11IOBUsJzmusi4_qIID1SAtZwjBZz4N0TeReMgf4RwHt74UBFmcR5iRal53EwwuG0_oUtsjWls5nipSpVrhuRLC7zSh6dpSsz69LEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2MzA1NzMyLDg4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mcmlkYXluaWdodGZ1bmtpbi5hbmdyeXVzZXIuaGVscC8iLG51bGwsW1s4LCJ3U25MWjczYVpBOCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjk4NDJdLG51bGwsN10iXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wSnLZ73aZA8.es5.O/am=AgM/d=1/rs=AJlcJMxeKgdi-f7jXnY428K6uLgpXRKHTQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
371e740f88c1171d7b0256a31acefbfb04f4d08c057c39a43eb95d1dcf7c40ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eGHH4uH-kdCwLDuASEso-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-eGHH4uH-kdCwLDuASEso-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7NfZP0PxELcHEf_bdrEJjDj8ixOJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDU0NLPQPz-AIDAE1JQxc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wSnLZ73aZA8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz1hbaazwb7qJTda4GQvZjDWfjCYg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 May 2024 15:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 May 2024 15:35:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 May 2024 15:35:33 GMT
nQ640eq0wHvNj1Y95rltss_PGiMOUWwxCmgJHHFqR0b3Z03vu0srxez8VNmRV_RvRAVg0-BpQW-iUgEcdJzHYN3PcBExRC7mJp4RvPCBds6i2rvHl_4=h60
lh3.googleusercontent.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/nQ640eq0wHvNj1Y95rltss_PGiMOUWwxCmgJHHFqR0b3Z03vu0srxez8VNmRV_RvRAVg0-BpQW-iUgEcdJzHYN3PcBExRC7mJp4RvPCBds6i2rvHl_4=h60
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
fife /
Resource Hash
6d59e7160b953c872a28ff6dfc3f210881ec6122775e5b5e6be851f2f8df8991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:12:32 GMT
x-content-type-options
nosniff
age
4981
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9751
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 22 May 2024 14:12:32 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:16:48 GMT
x-content-type-options
nosniff
age
4725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:16:48 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fridaynightfunkin.angryuser.help
URL: https://fridaynightfunkin.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Origin
https://fridaynightfunkin.angryuser.help
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
53080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 00:50:53 GMT
AGSKWxW86Zzyv9bC92G15MFi_nbqQRTaiZJwsrLkxaIgmrwj05CCTfkFTnP9cgXZiNuQ6_LVvpjGlFqylNMfrEnjDZjJ_6eq0BKg80U3qqOCTWNbwAVFhmfyElNYpV6894G-CrUYyubOgQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW86Zzyv9bC92G15MFi_nbqQRTaiZJwsrLkxaIgmrwj05CCTfkFTnP9cgXZiNuQ6_LVvpjGlFqylNMfrEnjDZjJ_6eq0BKg80U3qqOCTWNbwAVFhmfyElNYpV6894G-CrUYyubOgQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wSnLZ73aZA8.es5.O/am=AgM/d=1/rs=AJlcJMxeKgdi-f7jXnY428K6uLgpXRKHTQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uV4RbIUTyrraznNTwV_GOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 May 2024 15:35:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-uV4RbIUTyrraznNTwV_GOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoCxELcHEf_bdrEJtDwb7K9kktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDW01DMwjy8wAACk1iJn"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://fridaynightfunkin.angryuser.help
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW86Zzyv9bC92G15MFi_nbqQRTaiZJwsrLkxaIgmrwj05CCTfkFTnP9cgXZiNuQ6_LVvpjGlFqylNMfrEnjDZjJ_6eq0BKg80U3qqOCTWNbwAVFhmfyElNYpV6894G-CrUYyubOgQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW86Zzyv9bC92G15MFi_nbqQRTaiZJwsrLkxaIgmrwj05CCTfkFTnP9cgXZiNuQ6_LVvpjGlFqylNMfrEnjDZjJ_6eq0BKg80U3qqOCTWNbwAVFhmfyElNYpV6894G-CrUYyubOgQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wSnLZ73aZA8.es5.O/am=AgM/d=1/rs=AJlcJMxeKgdi-f7jXnY428K6uLgpXRKHTQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JB8bvPSY-oTPMbcp_PoCRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 May 2024 15:35:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JB8bvPSY-oTPMbcp_PoCRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoCxELcHEf_bdrEJtDxdZmdkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDW01DMwjy8wAACppiJ4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fridaynightfunkin.angryuser.help
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
cropped-fridaynightfunkin-32x32.png
fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fridaynightfunkin.angryuser.help/wp-content/uploads/2021/05/cropped-fridaynightfunkin-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.46.122 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3aca8844d036c52d12f802aeff3883aa73110894644beb7ab2e32adb4644c15d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fridaynightfunkin.angryuser.help/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 15:35:33 GMT
last-modified
Wed, 02 Mar 2022 15:51:14 GMT
server
nginx
etag
"621f9272-a35"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
2613

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| $ function| jQuery function| gtag object| dataLayer object| pseudo_links object| kk_star_ratings object| settings_array object| wps_ajax string| top_menu_mobile_position object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NzUxN2RiZmJiYWZmOTljNGxvYWRlcl9qcw== string| NzUxN2RiZmJiYWZmOTljNGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

3 Cookies

Domain/Path Name / Value
fridaynightfunkin.angryuser.help/ Name: PHPSESSID
Value: nqomt8h18ve5fjo3rqjfvdqtj9
.angryuser.help/ Name: _ga_ZFV6TXLCTH
Value: GS1.1.1716305732.1.0.1716305732.0.0.0
.angryuser.help/ Name: _ga
Value: GA1.1.1056038034.1716305732

1 Console Messages

Source Level URL
Text
javascript warning URL: https://fridaynightfunkin.angryuser.help/
Message:
The resource https://fridaynightfunkin.angryuser.help/wp-content/themes/root/fonts/fontawesome-webfont.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fridaynightfunkin.angryuser.help
fundingchoicesmessages.google.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.googletagmanager.com
142.250.184.225
2001:4860:4802:32::36
2a00:1450:4001:806::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
79.133.46.122
12d2528285c2b04109501e2f6b0b4c4af722c38b05d34bc1a54a74d7dccd2e9f
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
33734f0612846b9fea603b5ac1df506eb1fb3555ae3a2be35348fa8d1daf0a24
371e740f88c1171d7b0256a31acefbfb04f4d08c057c39a43eb95d1dcf7c40ef
3aca8844d036c52d12f802aeff3883aa73110894644beb7ab2e32adb4644c15d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40c09c88b06f8efef77ba9e5855940e42279a3a29575d0b214a7694a14038754
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4dfe805ab2bed8d37971273a380cba262da43634048d8741a032015eb256c201
53cb486a3f6a61535fd7bb4fa01a15a1b1154f18e5f14ce32950ec257bc66aba
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
6d59e7160b953c872a28ff6dfc3f210881ec6122775e5b5e6be851f2f8df8991
805fc1a189f57a20a8b2245e1cc243456ca1c873dfd741aceccc306d30ead935
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82b26a2b9aed3fb6c36c4900c99b2f8bfea4b1fcfd5d1f1881d338f5759764f6
854ddf23e95aabe0abe86b196b75864d8326ceededc54bbc7a895adeb5c1989e
8db5707b30e225e73a9b9b7d5a921004e275fd27a3c633de1f52ce55d05892d4
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9eb0a974b373bf1234054c72809b9a5fd0dc936f7c820266a5a074faa4e038ff
a43b52551128afc75d151d3601470850d85aabd4ce7275a7fb6ba59a39231ebc
a6933e678530b263486fa7b185a449cac947e1496ef61d496642032f339e9e43
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
abdf3dfc88bc35325ecf3af7356b71b54862aac4fcb3962b7bd9df7cec43c259
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
ad5813737c44162a43de03d9cdcc06d8fbd5bc3991873819a89cf544d038f822
b2053eee01cef375a55fb4541d34f6f89a137a0182aba6ea7afbe6863c151f31
b854fe5ff1e79aeb5a5e207d4743926b69ce96fb553878f8b8436d7ed59c5133
c554c05c5b4210ec94eb5bb1ad654620baf7d98bafdc5aadceec0c84690f67d9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdfa9b19ab958b8f561096dea7158090b067699d030e59e822466c703efaac37
d0b5affae12bb850f763964eba21fe0b2ee874512498fed3a0b9060f13418174
d1ac53e44767e808ff66b3ce88ebed0049f3d9cba0d1af7554c94bfe0b29b85b
d436260dd3f79207dc96ed8cae7690b93f3a514c7048968603add7665834501e
d5920e34f37f28c71fa94aea4f348c82695ba1cf442a817f7debd7d0b7025cb7
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dd7fc11191a3e672da8bd34cda5bc4881f00f973176e2be30ee44b9908a8192f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7be354a4fc5292f065433736862a2d398e2494fa76389beb4f2ae44155ce24b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad
ff55d8b291619973dd66311bb10e36595adcfea98d2f618b1e18adb02b319f9b