c.marsflag.com Open in urlscan Pro
2600:9000:21c5:7200:1d:c7f0:c680:93a1  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response c.marsflag.com/	27 KB 27 KB	132ms 120ms	Document text/html	2600:9000:21c5:7200:1d:c7f0:c680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.marsflag.com/ Protocol HTTP/1.1 Server 2600:9000:21c5:7200:1d:c7f0:c680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5b3980ad735a7c38d2540930fec2f2d11788bae4d76881f5c8bffca7f8e6702d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Connection keep-alive Content-Length 27691 Content-Type text/html Date Thu, 21 Apr 2022 03:42:27 GMT ETag "9f5591dc8e6bcacea1cea418c733b07e" Last-Modified Mon, 02 Oct 2017 10:09:51 GMT Server AmazonS3 Via 1.1 16c02dcd628ea4a3a8e6442ef459127a.cloudfront.net (CloudFront) X-Amz-Cf-Id cx9cMSJMT1reunLgEbPgqSNFlVWQuoweTMFZ-AFWEhfiZNi--d7eJw== X-Amz-Cf-Pop NRT57-C1 X-Cache RefreshHit from cloudfront
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.9.0/	91 KB 32 KB	84ms 36ms	Script text/javascript	2404:6800:4004:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 16 Apr 2022 04:21:30 GMT content-encoding gzip x-content-type-options nosniff age 429656 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33140 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Apr 2023 04:21:30 GMT
GET H2	200	jquery-ui.css ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/	34 KB 9 KB	62ms 14ms	Stylesheet text/css	2404:6800:4004:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 11:56:14 GMT content-encoding gzip x-content-type-options nosniff age 575172 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8060 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 14 Apr 2023 11:56:14 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/	235 KB 63 KB	63ms 15ms	Script text/javascript	2404:6800:4004:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 12:45:56 GMT content-encoding gzip x-content-type-options nosniff age 485790 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64481 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 15 Apr 2023 12:45:56 GMT
GET H/1.1	200 OK	kendo.common.min.css kendo.cdn.telerik.com/2016.2.607/styles/	212 KB 35 KB	18ms 3ms	Stylesheet text/css	13.32.50.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://kendo.cdn.telerik.com/2016.2.607/styles/kendo.common.min.css Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 13.32.50.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-50-62.nrt57.r.cloudfront.net Software nginx / Resource Hash edaa504be0468b908bfff5178a484692ef8bf3cd92655755e52adc2f918bb744 Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Mon, 20 Dec 2021 19:54:42 GMT Content-Encoding gzip Age 10482463 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Access-Control-Allow-Origin * Last-Modified Tue, 07 Dec 2021 09:25:32 GMT Server nginx ETag W/"61af288c-34f96" Content-Type text/css Via 1.1 c6fc54375aaf643cecdb06043574c032.cloudfront.net (CloudFront) Cache-Control max-age=315360000, public X-Amz-Cf-Pop NRT57-C1 X-Amz-Cf-Id JYeO7AC8eO2sMajLqUwfC4jv2DVVyFg1Rw4NiYnmCfTSPqf3mpY00Q== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	kendo.default.min.css kendo.cdn.telerik.com/2016.2.607/styles/	65 KB 10 KB	19ms 3ms	Stylesheet text/css	13.32.50.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://kendo.cdn.telerik.com/2016.2.607/styles/kendo.default.min.css Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 13.32.50.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-50-62.nrt57.r.cloudfront.net Software nginx / Resource Hash df5bec4d8a42e00e1db758b42fc676fc902dad9d3fd02292924ea6396bd44d9d Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Mon, 25 Oct 2021 00:18:34 GMT Content-Encoding gzip Age 15391464 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Access-Control-Allow-Origin * Last-Modified Wed, 15 Sep 2021 11:14:12 GMT Server nginx ETag W/"6141d584-1051a" Content-Type text/css Via 1.1 70e24e789a7f5c3f75693b4d637a2d22.cloudfront.net (CloudFront) Cache-Control max-age=315360000, public X-Amz-Cf-Pop NRT57-C1 X-Amz-Cf-Id 0-0J2jd72Nhx2rbnkpONkVs6gEbJ1TwsGSfS1gHM6Dp8hocrSKap-g== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	kendo.default.mobile.min.css kendo.cdn.telerik.com/2016.2.607/styles/	109 KB 18 KB	19ms 4ms	Stylesheet text/css	13.32.50.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://kendo.cdn.telerik.com/2016.2.607/styles/kendo.default.mobile.min.css Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 13.32.50.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-50-62.nrt57.r.cloudfront.net Software nginx / Resource Hash d54c0ae59db925f769e2686a14cbe30c6ff16a1f5d175110091721f0b88ca05f Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Fri, 11 Mar 2022 10:52:01 GMT Content-Encoding gzip Age 3516624 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Access-Control-Allow-Origin * Last-Modified Tue, 01 Mar 2022 12:21:05 GMT Server nginx ETag W/"621e0fb1-1b30c" Content-Type text/css Via 1.1 9dbab677f8be787117e804696d7d4016.cloudfront.net (CloudFront) Cache-Control max-age=315360000, public X-Amz-Cf-Pop NRT57-C1 X-Amz-Cf-Id Gv-dtUwN0dhpmw7msV58X7rJ4JM5lI7jyhXTqd2ugD3uOUSkV4TOEQ== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	kendo.all.min.js Show response kendo.cdn.telerik.com/2016.2.607/js/	3 MB 3 MB	22ms 7ms	Script application/x-javascript	13.32.50.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://kendo.cdn.telerik.com/2016.2.607/js/kendo.all.min.js Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 13.32.50.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-50-62.nrt57.r.cloudfront.net Software nginx / Resource Hash 78853e343d8de494054f3a0a4b278f20f521f7e5e897b6bd730db1bda294b1bb Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sat, 16 Apr 2022 03:46:58 GMT Via 1.1 16c02dcd628ea4a3a8e6442ef459127a.cloudfront.net (CloudFront) Age 431727 X-Cache Hit from cloudfront Connection keep-alive Content-Length 2712084 Last-Modified Tue, 12 Apr 2022 06:46:07 GMT Server nginx ETag "6255202f-296214" Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=315360000, public X-Amz-Cf-Pop NRT57-C1 Accept-Ranges bytes X-Amz-Cf-Id 1N-4oXfZpBNpMqEDzkmCr43ahbkh2T5Ha5jzQhrt0vDaP3nVdwgjUw== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	moment-with-locales.js Show response c.marsflag.com/lib/momentjs/	441 KB 90 KB	223ms 222ms	Script application/javascript	2600:9000:21c5:7200:1d:c7f0:c680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.marsflag.com/lib/momentjs/moment-with-locales.js Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 2600:9000:21c5:7200:1d:c7f0:c680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 88009864dfe7d5c7c1c95cf5c065e96247f12c4b554ccf4393aca8e87dabb23f Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-amz-version-id mhWltClDN4E3yIOvKkR10122J6i4iRlV Content-Encoding gzip Vary Accept-Encoding Last-Modified Thu, 22 Aug 2019 07:40:35 GMT Server AmazonS3 X-Amz-Cf-Pop NRT57-C1 ETag W/"084396f4103c2797a8dd4178abaec6c9" Transfer-Encoding chunked X-Cache RefreshHit from cloudfront Content-Type application/javascript Via 1.1 16c02dcd628ea4a3a8e6442ef459127a.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 Date Thu, 21 Apr 2022 03:42:28 GMT Connection keep-alive X-Amz-Cf-Id rQhA5oQCLYLlL1QzNVh37IOqOE14fth7hXCT496ZCtzedSp6QfXNRA==
GET H/1.1	200 OK	md5.min.js Show response c.marsflag.com/js/	24 KB 25 KB	128ms 126ms	Script application/x-javascript	2600:9000:21c5:7200:1d:c7f0:c680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.marsflag.com/js/md5.min.js Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 2600:9000:21c5:7200:1d:c7f0:c680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 40bcae429c4543d92ebfb31bbd519f65f7b714fbbf206a783c2d47e1316d79ee Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 03:42:27 GMT Via 1.1 e5907f334714433599a0e1b9c57f44d6.cloudfront.net (CloudFront) Last-Modified Tue, 14 Jul 2015 12:52:30 GMT Server AmazonS3 X-Amz-Cf-Pop NRT57-C1 ETag "7d1a3d0a659ea3dc27030c829cce143e" X-Cache RefreshHit from cloudfront Content-Type application/x-javascript Connection keep-alive Content-Length 24795 X-Amz-Cf-Id 7fkFVO4LCBATAQSsNzpzXnR9kr2mVjBhOb-bWuPz35AUa1utdPMlbw==
GET H/1.1	200 OK	jquery-deparam.min.js Show response c.marsflag.com/js/	662 B 1 KB	134ms 132ms	Script application/javascript	2600:9000:21c5:7200:1d:c7f0:c680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.marsflag.com/js/jquery-deparam.min.js Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 2600:9000:21c5:7200:1d:c7f0:c680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f59f14e668b7377db4f2f9a1f6f993cf79b195a9decfe5c61c9e67ae4f479e70 Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 03:42:27 GMT Via 1.1 6dfb7749b068f934616db797ff5b18ee.cloudfront.net (CloudFront) Last-Modified Fri, 03 Oct 2014 12:13:36 GMT Server AmazonS3 X-Amz-Cf-Pop NRT57-C1 ETag "f90dfb1e4fb9d4b343a3e32ecdad665e" X-Cache RefreshHit from cloudfront Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Content-Length 662 X-Amz-Cf-Id vpXge5V9zcdzastimGtgyvurCqMFZbcde6zDGd387xaSJ9xWd3VtUw==
GET H/1.1	200 OK	cs.js Show response c.marsflag.com/mf/	6 KB 3 KB	11ms 9ms	Script text/javascript	2600:9000:21c5:7200:1d:c7f0:c680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.marsflag.com/mf/cs.js Requested by Host: c.marsflag.com URL: http://c.marsflag.com/ Protocol HTTP/1.1 Server 2600:9000:21c5:7200:1d:c7f0:c680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 33ea9deedb9d399e75affc41ae3fa3fc0b7dbbee5c7e4a1fe67514a8755741f3 Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-amz-version-id fuYdknz31RxwTgPKcLMpjyCvYAmgz7QD Content-Encoding gzip ETag W/"a0fe287e9279aefb20f6a2cb9f520cb1" Age 4021 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 22 Aug 2019 07:39:48 GMT Server AmazonS3 Date Thu, 21 Apr 2022 02:35:26 GMT Vary Accept-Encoding Content-Type text/javascript Via 1.1 7e4ab935c7e8d0308737142200851464.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 X-Amz-Cf-Pop NRT57-C1 X-Amz-Cf-Id GOtg2IlPzbtjeFWgiRGqGQbl7ZxC_XfmvKm2ypv0vr5_gkIr8C4cYQ==
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language jp-JP,jp;q=0.9 Referer http://c.marsflag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	kendoui.woff kendo.cdn.telerik.com/2016.2.607/styles/images/	63 KB 63 KB	53ms 51ms	Font application/font-woff	13.32.50.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://kendo.cdn.telerik.com/2016.2.607/styles/images/kendoui.woff?v=1.1 Requested by Host: kendo.cdn.telerik.com URL: http://kendo.cdn.telerik.com/2016.2.607/styles/kendo.default.mobile.min.css Protocol HTTP/1.1 Server 13.32.50.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-50-62.nrt57.r.cloudfront.net Software nginx / Resource Hash 8329d2b4c1c7c96260d03217cae87833a6d0ff4196fa889ddb239641198db846 Request headers Referer http://kendo.cdn.telerik.com/2016.2.607/styles/kendo.default.mobile.min.css Origin http://c.marsflag.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 24 Oct 2021 19:01:35 GMT Via 1.1 a2447ed6669558ff303af177568ddb72.cloudfront.net (CloudFront) Age 15410484 X-Cache Hit from cloudfront Connection keep-alive Content-Length 64184 Last-Modified Wed, 15 Sep 2021 11:14:12 GMT Server nginx ETag "6141d584-fab8" Content-Type application/font-woff Access-Control-Allow-Origin * Cache-Control max-age=315360000, public X-Amz-Cf-Pop NRT57-C1 Accept-Ranges bytes X-Amz-Cf-Id TKN_hXYVxmgzAadhBn0bL9NPhAJ7r9TwgZPdYTWc8IXWwucxdLOHxg== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sprite.png kendo.cdn.telerik.com/2016.2.607/styles/Default/	29 KB 29 KB	38ms 37ms	Image image/png	13.32.50.62 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://kendo.cdn.telerik.com/2016.2.607/styles/Default/sprite.png Requested by Host: kendo.cdn.telerik.com URL: http://kendo.cdn.telerik.com/2016.2.607/styles/kendo.default.min.css Protocol HTTP/1.1 Server 13.32.50.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-50-62.nrt57.r.cloudfront.net Software nginx / Resource Hash 67ef50cd15997c2b4bc21b3de3f9c03869492965076623d8f42ba4fa1b00c1d5 Request headers accept-language jp-JP,jp;q=0.9 Referer http://kendo.cdn.telerik.com/2016.2.607/styles/kendo.default.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Wed, 20 Apr 2022 07:13:42 GMT Via 1.1 16c02dcd628ea4a3a8e6442ef459127a.cloudfront.net (CloudFront) Age 73739 X-Cache Hit from cloudfront Connection keep-alive Content-Length 29330 Last-Modified Tue, 12 Apr 2022 06:46:13 GMT Server nginx ETag "62552035-7292" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public X-Amz-Cf-Pop NRT57-C1 Accept-Ranges bytes X-Amz-Cf-Id CIe44SxQw13Hr4If5nzK6Fk1j1EUvpxBuFWQQOhPt8wLjSCVL0lkqg== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	/ Show response contents-server-us-west-2.s3-us-west-2.amazonaws.com/	401 B 878 B	308ms 164ms	XHR application/xml	52.92.160.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://contents-server-us-west-2.s3-us-west-2.amazonaws.com/?delimiter=%2F&prefix=skel%2F Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js Protocol HTTP/1.1 Server 52.92.160.178 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 07feecc7aa00986e54e33bceb2c17cc65c9d1af0ff56ea480e6d9bde90b425fc Request headers Accept */* Referer http://c.marsflag.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 03:42:28 GMT Server AmazonS3 x-amz-bucket-region us-west-2 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Max-Age 3000 Transfer-Encoding chunked x-amz-request-id Z5E30B7C8ZBHE6WX x-amz-id-2 8+vGmGILlbUrbfOpB6U5QegEF1JS8xumbNKeZa5V9hE4QqJqaE8BJRjBZY+wbAmzXk95leQOMz8=
GET H/1.1	200 OK	/ Show response contents-server-us-west-2.s3-us-west-2.amazonaws.com/	286 B 763 B	301ms 157ms	XHR application/xml	52.92.160.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://contents-server-us-west-2.s3-us-west-2.amazonaws.com/?delimiter=%2F&prefix=data%2Fd41d%2F+ Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js Protocol HTTP/1.1 Server 52.92.160.178 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fcc47881699d2493cfc103c6cba58f336319795ddd028d04e6b234a5aa42438f Request headers Accept */* Referer http://c.marsflag.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 03:42:28 GMT Server AmazonS3 x-amz-bucket-region us-west-2 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Max-Age 3000 Transfer-Encoding chunked x-amz-request-id Z5EC5HG90EG5F5AZ x-amz-id-2 iGewS8xcFwlYnEpdR9+sXFENYCglkEsxEsrvQama7qCuHyqmjmLj1irAvRKjwHOt5xXMDHwvo2w=

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery object| kendo function| moment object| CybozuLabs object| GALFSRAM object| jQuery19006616177564167289 object| kwin

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.marsflag.com
contents-server-us-west-2.s3-us-west-2.amazonaws.com
kendo.cdn.telerik.com
13.32.50.62
2404:6800:4004:81f::200a
2600:9000:21c5:7200:1d:c7f0:c680:93a1
52.92.160.178
07feecc7aa00986e54e33bceb2c17cc65c9d1af0ff56ea480e6d9bde90b425fc
33ea9deedb9d399e75affc41ae3fa3fc0b7dbbee5c7e4a1fe67514a8755741f3
40bcae429c4543d92ebfb31bbd519f65f7b714fbbf206a783c2d47e1316d79ee
5b3980ad735a7c38d2540930fec2f2d11788bae4d76881f5c8bffca7f8e6702d
67ef50cd15997c2b4bc21b3de3f9c03869492965076623d8f42ba4fa1b00c1d5
78853e343d8de494054f3a0a4b278f20f521f7e5e897b6bd730db1bda294b1bb
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
8329d2b4c1c7c96260d03217cae87833a6d0ff4196fa889ddb239641198db846
88009864dfe7d5c7c1c95cf5c065e96247f12c4b554ccf4393aca8e87dabb23f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
d54c0ae59db925f769e2686a14cbe30c6ff16a1f5d175110091721f0b88ca05f
df5bec4d8a42e00e1db758b42fc676fc902dad9d3fd02292924ea6396bd44d9d
edaa504be0468b908bfff5178a484692ef8bf3cd92655755e52adc2f918bb744
f59f14e668b7377db4f2f9a1f6f993cf79b195a9decfe5c61c9e67ae4f479e70
fcc47881699d2493cfc103c6cba58f336319795ddd028d04e6b234a5aa42438f