urlscan.io logo urlscan.io
SecurityTrails logo

timespj.xyz Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p...
Effective URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Submission: On December 14 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 31 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is timespj.xyz.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.
This is the only time timespj.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.21.16.1 13335 (CLOUDFLAR...)
6 188.114.97.3 13335 (CLOUDFLAR...)
5 188.114.96.3 13335 (CLOUDFLAR...)
8 14.215.182.140 4134 (CHINANET-...)
1 2a00:1450:400... 15169 (GOOGLE)
10 104.21.235.143 13335 (CLOUDFLAR...)
31 7
1    104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)
stationeryformidable.top
6    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
timespj.xyz
cdnmi.com
5    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
plausible.top
8    14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
hm.baidu.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    104.21.235.143 (None, )

ASN13335 (CLOUDFLARENET, US)
263cdn.com
Apex Domain
Subdomains		 Transfer
10 263cdn.com
263cdn.com
121 KB
8 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 12020
48 KB
5 plausible.top
plausible.top
4 KB
3 cdnmi.com
cdnmi.com
78 KB
3 timespj.xyz
timespj.xyz
335 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
107 KB
1 stationeryformidable.top
stationeryformidable.top
2 KB
31 7
Domain Requested by
10 263cdn.com timespj.xyz
8 hm.baidu.com timespj.xyz
5 plausible.top timespj.xyz
plausible.top
3 cdnmi.com timespj.xyz
3 timespj.xyz stationeryformidable.top
timespj.xyz
1 www.googletagmanager.com timespj.xyz
1 stationeryformidable.top
31 7

This site contains no links.

Subject Issuer Validity Valid
stationeryformidable.top
WE1		 2024-11-21 -
2025-02-19		 3 months crt.sh
timespj.xyz
WE1		 2024-11-14 -
2025-02-12		 3 months crt.sh
plausible.top
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2024-07-08 -
2025-08-09		 a year crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
cdnmi.com
WE1		 2024-11-21 -
2025-02-19		 3 months crt.sh
263cdn.com
E5		 2024-11-28 -
2025-02-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Frame ID: 7EC44895D5D4ABD9FC83E5B56B54FD7D
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpW... HTTP 307
    https://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpW... Page URL
  2. https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

100 %
HTTPS

17 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

781 kB
Transfer

1361 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714 HTTP 307
    https://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714 Page URL
  2. https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714 HTTP 307
  • https://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA
stationeryformidable.top/
Redirect Chain
  • http://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714
  • https://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f1f42457f7b7747-LHR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 15:34:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrTOsPgw1vXDPReVOJxRcXxeo7FrDcT633zQkUgMT6ScgPNlMil7ve7NPp%2BFq1EdV6nMzrRtYH2%2FnFuQnaqhV4MOH6vSUb4%2F8xC2NWjE15ewO85EoUo5rf1wpzhiQJ59ujaslATBOoBOzwI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg
timespj.xyz/7o3thdbBTRGKpq2wAghtS/ 		638 KB
328 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Requested by
Host: stationeryformidable.top
URL: https://stationeryformidable.top/9415SAhVdX5adlljAwEBVyNgBQlgbV5VaCpaY1E2KwxfUzMeSCIPMxALDApbfyJJFzo1BlwCJEpWNnUEFU8KbBBAagFvEA?p=jfltms&_wi1680449461714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56697cc1b438e9bfca155dc5f1f7e23f3fb8a780448b239b9007c9629c71db4b

Request headers

Referer
https://stationeryformidable.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f1f42482e177791-LHR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 15:34:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lu%2F7NZBBBNHl3i3ND6j1EJYjcBuig7RQgLsHwzLj%2BZAwWcmpkkMTLzmY2ngTcXnWx84aFt7LjN9MsuEQzomofsFBKbPnVbbOMNuC4KbvrZBUUqqz%2FtylTmcLZEFPAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=27470&min_rtt=24158&rtt_var=10150&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4149&recv_bytes=4572&delivery_rate=569&cwnd=12000&unsent_bytes=0&cid=d3e5862c79b54f71&ts=354&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
script.js
plausible.top/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.top/js/script.js
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
32527
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNYU9608dvSFe0%2B9NidI5FUwvbARNiGegVm0%2BxagfVoi%2F46cVJvYaFc6%2F7DGInM00T11K67WKkR%2B%2BGgyx87xdTB7WcOJ%2Fr8v8kR92ZutvPUsmuOskZUFmdjHCXrUTO%2Fv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24295&min_rtt=24083&rtt_var=5269&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4184&recv_bytes=4320&delivery_rate=26200&cwnd=12000&unsent_bytes=0&cid=6612b6de982dd7b1&ts=77&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 14 Dec 2024 06:32:29 GMT
priority
u=3,i=?0
cache-control
public, max-age=86400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f1f424e6aec6518-LHR
access-control-allow-origin
*
server
cloudflare
5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg
timespj.xyz/7o3thdbBTRGKpq2wAghtS/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af2601c64e95a861c711fa28188cc21465a98876a031509c0c4b547712401af

Request headers

Referer
https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
access-token
c6e2dn1gcHt_YHhlBndOUgBde2RvWyoUJ1FaRwBkYwUjDCUhPUQGOUA8eQcmLylLWwAOHFgQATkEDUc0JwM
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QcEB3ETiKVc5DpDtB3xZhrJMbjYMBok85ElnNX7U5wmwAoWf7k86%2BQO7g%2BAVr1Q2KwZYZgGt4OD5%2FtBCOQcLNCVb8tuZm9U5EcLV6trTJy5APjPwpRWXvPHqHf%2BF6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f1f424e6e647791-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25382&min_rtt=23980&rtt_var=447&sent=315&recv=83&lost=0&retrans=0&sent_bytes=347925&recv_bytes=8329&delivery_rate=3751029&cwnd=108000&unsent_bytes=0&cid=d3e5862c79b54f71&ts=1203&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?284fccd025e62704a61082e607e5d5f8
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
da671803f809f53c68076155581c48d19422acc8593eebed74198fd8ae8ec20a
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
33eae0b505b5479fdd6e9de660239ea4
Content-Length
11334
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Sat, 14 Dec 2024 15:34:37 GMT
Content-Type
application/javascript
Server
apache
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?c42f92ad140c953c620b87fd6d13a5d8
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
2d85f3cda4d86276651578999d5ce9da7f584a44956e4010b0672b1a3592aaca
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
031fd7e71130c4ffe348eb6870370a26
Content-Length
11290
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Sat, 14 Dec 2024 15:34:37 GMT
Content-Type
application/javascript
Server
apache
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?8ad529876e2c64c9858bdab280259a66
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
d3ecca1baa9bef390bd16018589667826b50416a392225926a93c51369267cc8
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
f424bcfdb0a254700a86a28423c0d2b8
Content-Length
11294
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Sat, 14 Dec 2024 15:34:37 GMT
Content-Type
application/javascript
Server
apache
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?c5f7d15f2bf0dd6c4bde04b74482d9aa
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
8d6c60a5fdae7b3f9b68e2779ee99e0e162182e371f7ba45091396d58beb950e
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
6d1c09229565c0e325fd9bca84680de3
Content-Length
11342
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Sat, 14 Dec 2024 15:34:37 GMT
Content-Type
application/javascript
Server
apache
js
www.googletagmanager.com/gtag/ 		317 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NKESQHG3S9
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3573b10d75f34a7c43b6a0cb1fa5b3a97bebbfff6f1ae04f414925d9e00d5796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 14 Dec 2024 15:34:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108443
x-xss-protection
0
server
Google Tag Manager
event
plausible.top/api/ 		2 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.top/api/event
Requested by
Host: plausible.top
URL: https://plausible.top/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://timespj.xyz/

Response headers

x-request-id
GBEVDOsNEIEc3mZGvAij
access-control-expose-headers
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3DrwrzoRo3MsRnco6PQAn45Ha%2FVrnhMhL7oL8dBlbiWj6Q1pHGgHLQ4Yriu7uWteQh8ir0crtTyBSTcblR0S7MtRNSPHk%2BtgVaX0Ho05b6TgXP5E7kt%2BH9pPaR6jhYK"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27462&min_rtt=24334&rtt_var=9091&sent=11&recv=16&lost=0&retrans=0&sent_bytes=2683&recv_bytes=6157&delivery_rate=570&cwnd=12000&unsent_bytes=0&cid=85e5c3e806f4a085&ts=193&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
text/plain; charset=utf-8
priority
u=1,i
cache-control
max-age=0, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f1f424f1cfb3699-LHR
access-control-allow-origin
*
content-length
2
server
cloudflare
event
plausible.top/api/ 		2 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.top/api/event
Requested by
Host: plausible.top
URL: https://plausible.top/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://timespj.xyz/

Response headers

x-request-id
GBEVDPNM9PnarX1H7CLB
access-control-expose-headers
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Urk1Pd35Mp1doGiSkAXycKZUb1t6mM03XFnRPScp3cYYp2hGsTpnrnBXYnHFBd1sEVJSnPU4GSgKNWzr5xpuWFZJEM3%2FfLr8zrrUCrdmbtNHo6ka7ry2zwtuAOQx8yo"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30016&min_rtt=24334&rtt_var=9534&sent=14&recv=18&lost=0&retrans=0&sent_bytes=4874&recv_bytes=6244&delivery_rate=50071&cwnd=12000&unsent_bytes=0&cid=85e5c3e806f4a085&ts=361&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
text/plain; charset=utf-8
priority
u=1,i
cache-control
max-age=0, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-plausible-dropped
1
cf-ray
8f1f424f1cff3699-LHR
access-control-allow-origin
*
content-length
2
server
cloudflare
event
plausible.top/api/ 		2 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.top/api/event
Requested by
Host: plausible.top
URL: https://plausible.top/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://timespj.xyz/

Response headers

x-request-id
GBEVDPMteb-GnrhFFPRk
access-control-expose-headers
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E3yb03KPVVhhx2EwbAoVfG3VIOcC9rTEOqAMoeRd2R92W0oqfbrMT8Nj0lbSVB3BCH34uqh%2BmCryPPzxKEe9M9kYvd1%2FztsB5euHhIow%2BJi7I6n6YbildLHRq7G5EerW"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30184&min_rtt=24334&rtt_var=12263&sent=12&recv=17&lost=0&retrans=0&sent_bytes=3428&recv_bytes=6201&delivery_rate=15128&cwnd=12000&unsent_bytes=0&cid=85e5c3e806f4a085&ts=327&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
text/plain; charset=utf-8
priority
u=1,i
cache-control
max-age=0, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-plausible-dropped
1
cf-ray
8f1f424f1d013699-LHR
access-control-allow-origin
*
content-length
2
server
cloudflare
event
plausible.top/api/ 		2 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.top/api/event
Requested by
Host: plausible.top
URL: https://plausible.top/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://timespj.xyz/

Response headers

x-request-id
GBEVDPM0uX6wnC5GvA0j
access-control-expose-headers
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puQrXftQXcRwhh4Fw%2BH4LCkKszgvJ3QazfKJxrmiIfXTpggFOCstKeYnP0YJnnkPFUdrHU5NSEHm4CCeEie4BsFnl4OKllnT7%2Fif1aok%2Bf6Y%2FkUKkwHoikqV8hyy00Cu"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30184&min_rtt=24334&rtt_var=12263&sent=13&recv=17&lost=0&retrans=0&sent_bytes=4159&recv_bytes=6201&delivery_rate=15128&cwnd=12000&unsent_bytes=0&cid=85e5c3e806f4a085&ts=332&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
text/plain; charset=utf-8
priority
u=1,i
cache-control
max-age=0, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f1f424f1d083699-LHR
access-control-allow-origin
*
content-length
2
server
cloudflare
ewibhuijk.yyy.png
cdnmi.com/upload/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnmi.com/upload/ewibhuijk.yyy.png
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18877a3c627a2f0e778067169027fc4be66062cd75989de23d0cd2c141d9581

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=YMQChg==, md5=c5bXWx8NHP1vW8MQvKAbQQ==
cf-cache-status
HIT
etag
"7396d75b1f0d1cfd6f5bc310bca01b41"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tluENylxnbJao3PXJ5iY2MRIl%2Bk3h7K2GJBHVX5LpUQz35vH%2FrjgOdTaWwwTTUhR0o6sG7EjexJi6jZvV4GnpcnWBMOtjbzu4LL743XETvJh10nztgX64einkZQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1033
server-timing
cfL4;desc="?proto=QUIC&rtt=24514&min_rtt=24235&rtt_var=5381&sent=20&recv=11&lost=0&retrans=0&sent_bytes=16109&recv_bytes=5093&delivery_rate=23446&cwnd=12000&unsent_bytes=0&cid=b0634affd5be6427&ts=68&x=1", cfExtPri, cfHdrFlush;dur=22
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/png
last-modified
Sun, 09 Jul 2023 19:52:18 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
ACJd0NpFK15UWBpyHm_qdpK4sVC05CsmQ36eS0f-qnVJjxTFFPMX0QFBNRkBeZDjUOe5_SGeBTE
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42500fa763ce-LHR
accept-ranges
bytes
x-goog-generation
1688932338062926
content-length
1033
server
cloudflare
ewibhuijk.zzz.png
cdnmi.com/upload/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnmi.com/upload/ewibhuijk.zzz.png
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4a57e8889ae0338d9330e0f8fa7e7aeb33d5e3fe91c53d5eb31280d2d780a4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=0jlIhA==, md5=1seaNQR25JrtH1MqHy0I6w==
cf-cache-status
HIT
etag
"d6c79a350476e49aed1f532a1f2d08eb"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ai0SpymcMuvPMjCvEHfdHQmm8uvVvIZ8iDF%2BkS8Or7anjOyPFtCqFrIXKRQyK3E56bbVWz85f7WjWhMupiyS%2BUEC2HKd85Ab5FUGLG%2BSyaBQhQZbynCn81qqJRY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
10686
server-timing
cfL4;desc="?proto=QUIC&rtt=24514&min_rtt=24235&rtt_var=5381&sent=20&recv=11&lost=0&retrans=0&sent_bytes=16109&recv_bytes=5093&delivery_rate=23446&cwnd=12000&unsent_bytes=0&cid=b0634affd5be6427&ts=76&x=1", cfExtPri, cfHdrFlush;dur=14
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/png
last-modified
Sun, 09 Jul 2023 19:53:09 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AHxI1nPuU6uMDAJcsGMKJX8MI2dl-G3co5kA45yIHwmvFib6H4KgJ5VXzN38E61UxVM9O4RqITA
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42500fab63ce-LHR
accept-ranges
bytes
x-goog-generation
1688932389336203
content-length
10686
server
cloudflare
ewibhuijk.zhu.jpg
cdnmi.com/upload/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnmi.com/upload/ewibhuijk.zhu.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011099a6f1aa9ed30ad96ae35bbdc7d299c3f2712e39ccc2ee15146d027732bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=fo84Gw==, md5=lSgnR0Q8SbyN3QmJR2e/Xg==
cf-cache-status
HIT
etag
"95282747443c49bc8ddd09894767bf5e"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqUO%2BDXa1%2FIMydVXfGxqD%2F1%2BrD90qmLqHMkfNn8i5ik%2BiokUvb2SfMHk9%2BvXItOyEy6Gdm0%2F%2FCqKgFJcUW%2FVgarYsrrGc2389rPLpJKtB9jIw3CGimLuKBfdPbc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
64720
server-timing
cfL4;desc="?proto=QUIC&rtt=24514&min_rtt=24235&rtt_var=5381&sent=10&recv=11&lost=0&retrans=0&sent_bytes=4109&recv_bytes=5093&delivery_rate=23446&cwnd=12000&unsent_bytes=0&cid=b0634affd5be6427&ts=65&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Sun, 09 Jul 2023 19:52:16 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AFiumC5AParZbvcGLZTuDJXVqlUJGpQ1PgBxq8KMJOQGo7CL68l-a4tgqgvK_f6s4YQL0R2Sydo
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42500faf63ce-LHR
accept-ranges
bytes
x-goog-generation
1688932335965823
content-length
64720
server
cloudflare
nn8.jpg
263cdn.com/upload/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn8.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a94000c5a25a191ff9b1a74459709322cfc8a644a1044fa23e70dcf1631cf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=ir9zUw==, md5=PBNiWcrfYWmgU59zq7M00g==
cf-cache-status
HIT
etag
"3c136259cadf6169a0539f73abb334d2"
age
517
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=msf1XBzdvtQ9DGgL9n9TGLKi3KtqKNT%2Fj%2Bn0Y4gWuNlV0yF2%2Fk6%2BFLCpHnAWXIun7ohEXpOUqWDMk%2BSGo1nao00PbbdTU4H09fq43MGXY87DVZH%2FwZltbUIcmyyG"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 16:25:59 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
10772
server-timing
cfL4;desc="?proto=QUIC&rtt=25681&min_rtt=25600&rtt_var=9657&sent=10&recv=13&lost=0&retrans=0&sent_bytes=3991&recv_bytes=6347&delivery_rate=100918&cwnd=12000&unsent_bytes=0&cid=9a69ecf6037e9959&ts=57&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
ABPtcPp1SyPHpCGsebHcbzEVvDXvh30yO2Gw1QLbClkCZEfYtVzc0eDpdqEhDv-C9hB-7u-Zr7oM-3GkYQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42501ed8954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303647217
content-length
10772
server
cloudflare
nn3.jpg
263cdn.com/upload/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn3.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c29eceb9257db113ca4806fcd6b442a08bb141804596433cfb7e70ed25db348

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=Cy5reQ==, md5=JkrD+E5ZdkDpD30/3HuZ9A==
cf-cache-status
HIT
etag
"264ac3f84e597640e90f7d3fdc7b99f4"
age
517
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5jGDownNeyuLYT8TAk5Vc373%2FUQH3kiUK0glDRUrHUIlLyTa6nEXXdcQUNls5ePPkzTRo%2Flf5hBWZNtWlenzRVy6%2FcCdnQipDCAUUvljB1ROfMpLUVgaD%2BwHlAr"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 16:25:59 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
7999
server-timing
cfL4;desc="?proto=QUIC&rtt=25681&min_rtt=25600&rtt_var=9657&sent=20&recv=13&lost=0&retrans=0&sent_bytes=15408&recv_bytes=6347&delivery_rate=100918&cwnd=12000&unsent_bytes=0&cid=9a69ecf6037e9959&ts=61&x=1", cfExtPri, cfHdrFlush;dur=22
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
ACJd0NoNszVAbTa9uWg_rYeWrrw3mxYpjgt4rBC3m4rwFB074l5HBMIxo8_S37utYqrTiJ18rQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42501eda954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303269583
content-length
7999
server
cloudflare
nn10.jpg
263cdn.com/upload/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn10.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d0b7262599f09805fa21ea68641eaa6510897e025776602642cdf4339e23db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=cqslAQ==, md5=w1zvtN+pjIviN2+ymG4eSA==
cf-cache-status
HIT
etag
"c35cefb4dfa98c8be2376fb2986e1e48"
age
41
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfECn7c5s6VfK%2BhuF%2B8TX9D5YoFRKBXF6OHxOBsQJURC%2F%2BqHD9DHkKnKcEEM%2Fs5wbhtgkIqcGu49VKnHEs9JWS4chcuqccLqlmM2elLW%2FfNW%2B1XEhewfNJFSZu4j"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 16:32:42 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
10783
server-timing
cfL4;desc="?proto=QUIC&rtt=25681&min_rtt=25600&rtt_var=9657&sent=20&recv=13&lost=0&retrans=0&sent_bytes=15408&recv_bytes=6347&delivery_rate=100918&cwnd=12000&unsent_bytes=0&cid=9a69ecf6037e9959&ts=65&x=1", cfExtPri, cfHdrFlush;dur=18
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
ABPtcPqq2Kv5x1SWdy-0YhApLxOQg-_3AGKPBWQMbh3LAy6rCusC0OQSUGu4AoKpIuwKmIcVSEW4jluHuA
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42501ed3954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303000817
content-length
10783
server
cloudflare
nn6.jpg
263cdn.com/upload/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn6.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6178eaca33cf2b22398d65e6502e76db11cdd06a4563d5c0f93242ab062cda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=YBEj/A==, md5=HOpCFL0zLeudvXtcz9vYUg==
cf-cache-status
HIT
etag
"1cea4214bd332deb9dbd7b5ccfdbd852"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StBlHVLqNF0qGtSdJlXMMnyror15TyC8dhBKICyoV8JeDmDlNsp8ApuQWkZo3Tw5PQSPMVxS3R%2FBMvTbr%2BeetqZmbQnigD7Yfgfla8brS6dOSsF2nw43nVi4o9IV"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 14:55:57 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
16136
server-timing
cfL4;desc="?proto=QUIC&rtt=25681&min_rtt=25600&rtt_var=9657&sent=10&recv=13&lost=0&retrans=0&sent_bytes=3991&recv_bytes=6347&delivery_rate=100918&cwnd=12000&unsent_bytes=0&cid=9a69ecf6037e9959&ts=57&x=1", cfExtPri, cfHdrFlush;dur=48
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
ABPtcPpPz4lyhEBF7u-zxWAGK4G8sm9oP03N4tC_dc07HuuevSnWD8EjjP4FssVdwOdKGuoxynP11xh0ug
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42501ee7954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303530737
content-length
16136
server
cloudflare
nn7.jpg
263cdn.com/upload/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn7.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
585c01023a199b34e7596e6a842f59f306fda0686f5b001eb2f0f6d1f3f52dcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=HyQXEQ==, md5=jCpmv1SbO9dMKz9ZdOYFFA==
cf-cache-status
HIT
etag
"8c2a66bf549b3bd74c2b3f5974e60514"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBW6%2FQFUGJG%2BrXmC0l6LjHFymO4AHWA0wpK02erF6E1L%2BJJ%2B3Fdol0wggp1%2FWoefu%2BZ2%2BiXcfwrND%2FHrzatzGE9r%2Boc8XP28P89S%2FVqDzBiNZbKPlEo0JclBPrLm"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
13809
server-timing
cfL4;desc="?proto=QUIC&rtt=25476&min_rtt=24771&rtt_var=5785&sent=21&recv=15&lost=0&retrans=0&sent_bytes=15991&recv_bytes=6437&delivery_rate=23535&cwnd=12000&unsent_bytes=0&cid=9a69ecf6037e9959&ts=70&x=1", cfExtPri, cfHdrFlush;dur=13
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
ABPtcPqkki-PtsXlBAemnxQjVOCctsAmrQkksrpwzgsjtwShFqCNjUgpDaHzSKwkpk8q1IeuYOA
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42501ed6954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303646247
content-length
13809
server
cloudflare
nn2.jpg
263cdn.com/upload/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn2.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9631c2318d3f38169166bfe0e803fb1a358580d5f0a1cda53759efb0cfcfbdea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=ZDXq/Q==, md5=DCz1VPyFO7FfgwxeHfJXwA==
cf-cache-status
HIT
etag
"0c2cf554fc853bb15f830c5e1df257c0"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqk4P8qLchoaJfw2ep3OzcAJqB%2BBLyphQ43M6hF7nhBbZPjE3rUvUH%2FWWSkvzYlb%2F8qtd2WrjtnayvIrGDWZ2j3CBUJDBvzpFaxyA2KmcZa%2BFp3PfqtxjWvV7UwM"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
14832
server-timing
cfL4;desc="?proto=QUIC&rtt=25681&min_rtt=25600&rtt_var=9657&sent=20&recv=13&lost=0&retrans=0&sent_bytes=15408&recv_bytes=6347&delivery_rate=100918&cwnd=12000&unsent_bytes=0&cid=9a69ecf6037e9959&ts=60&x=1", cfExtPri, cfHdrFlush;dur=23
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
ACJd0Nrrh5PG80CpEQVOn4BRO6nFyRCXVJxMm91iLjuxByNtHZAq9lQfUwJMbaJRO1TLxvRcceuMlRkTlQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42501ee0954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303143698
content-length
14832
server
cloudflare
nn9.jpg
263cdn.com/upload/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn9.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780342faffe29e503072536011f7d7c4b6f5e30c6d594a41602bbd9213c23223

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=he1asw==, md5=wVhHHyrU1clo1tsugoReqQ==
cf-cache-status
HIT
etag
"c158471f2ad4d5c968d6db2e82845ea9"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3Si%2FfD5BxoP9woOD7xfRV10g7M%2Bd5gb0DR%2B0%2B8oJXz0F8vc%2B1m3J10HNkoAPXI7fJDy96TajppOswSDPX36RLoOfAmPyTggVl1vUiHOMCUi2%2F5y1GDVVpMpaUdr"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
15622
server-timing
cfL4;desc="?proto=QUIC&rtt=25476&min_rtt=24771&rtt_var=5785&sent=21&recv=15&lost=0&retrans=0&sent_bytes=15991&recv_bytes=6437&delivery_rate=23535&cwnd=12000&unsent_bytes=0&cid=9a69ecf6037e9959&ts=66&x=1", cfExtPri, cfHdrFlush;dur=17
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AD-8ljv-Xsc1SI-KXsRkkN1KBbZc5bUzp5wS_juZ3pMi1OAakAdvDyYBZlk7ldJrqIZ413BBPryPfFM99A
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42501ee5954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303643824
content-length
15622
server
cloudflare
nn4.jpg
263cdn.com/upload/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn4.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33ca4946f2c25b8756a89a3d55a26291f0cb5582e0d696d6ddb5095bd24b355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=flpD5w==, md5=9BvpBkYrRP3KmMJ6CsXpBw==
cf-cache-status
HIT
etag
"f41be906462b44fdca98c27a0ac5e907"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iiy1iQ3Fp7D5R6FfT5skeRT%2BG23oR0ne3vlRLMeFxZiG79idPXCqh6mt6gxDIEFIv9HcLQiMgHBtQEz6Q3fdH5DTNOZWN0HYn2Pm4ZuGFIouoyWUm1AnBRSEXbMm"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
9360
server-timing
cfL4;desc="?proto=QUIC&rtt=28409&min_rtt=24771&rtt_var=3671&sent=71&recv=33&lost=0&retrans=0&sent_bytes=72108&recv_bytes=8080&delivery_rate=531369&cwnd=34500&unsent_bytes=0&cid=9a69ecf6037e9959&ts=116&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC66yYr07SjtjwJqMKQZ60e2Y5DXdcPDCg9fwWMt3q57RU8XxC7Ge--fWl_84D7Jn8sAALg
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42508f65954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303548892
content-length
9360
server
cloudflare
nn5.jpg
263cdn.com/upload/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn5.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
318d7e0eabbabfc59a21ac9b6f026c6f72af09b7c80a5b5fc7eab5795bec6b7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=gLlGFA==, md5=yxKnRp3sM9MTUywEO1rQ0Q==
cf-cache-status
HIT
etag
"cb12a7469dec33d313532c043b5ad0d1"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWGwCGvKBXvaHjLG%2BkiXQ11ftU1kJGDXG7SMeZaebT0GJ3g5jHhEWwiegcBDKmnjXcDs6K7%2FnE2OvrbVgs42WLzO2XVXldvjoY%2BomV%2Bm9BDa4p75yfDOpQBEvrD4"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 15:44:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
7430
server-timing
cfL4;desc="?proto=QUIC&rtt=28409&min_rtt=24771&rtt_var=3671&sent=71&recv=33&lost=0&retrans=0&sent_bytes=72108&recv_bytes=8080&delivery_rate=531369&cwnd=34500&unsent_bytes=0&cid=9a69ecf6037e9959&ts=119&x=1", cfExtPri, cfHdrFlush;dur=15
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
ABPtcPqnO__G632MxFuOr3t91dgIdsKEDAXmc5xl061ob7lC_HsOKNBzStU5XID0hbUQIGmuNBU
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42508f66954d-LHR
accept-ranges
bytes
x-goog-generation
1655330303527128
content-length
7430
server
cloudflare
nn1.jpg
263cdn.com/upload/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://263cdn.com/upload/nn1.jpg
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46fe7894b2838f194ddf75cefd563e05227a69e2aba543983feb8d6d2da2c57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=TxY71A==, md5=BdSErDfv/oKq8v61DSBLCA==
cf-cache-status
HIT
etag
"05d484ac37effe82aaf2feb50d204b08"
age
2992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exMLoCRJB6ZDvTH7E9hv9XfQHbTpHPWVY3X0F%2BOVMDHI48gf57in3MsNvIpFCaD0My7OEQB6kaTXlmjHUC0vJ2VXeAz57WLkfR%2FeTxBMQJoAMyB5pu%2B4KlU4P%2FYM"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 14 Dec 2024 14:57:45 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
7195
server-timing
cfL4;desc="?proto=QUIC&rtt=28409&min_rtt=24771&rtt_var=3671&sent=71&recv=33&lost=0&retrans=0&sent_bytes=72108&recv_bytes=8080&delivery_rate=531369&cwnd=34500&unsent_bytes=0&cid=9a69ecf6037e9959&ts=121&x=1", cfExtPri, cfHdrFlush;dur=13
date
Sat, 14 Dec 2024 15:34:36 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jun 2022 21:58:23 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AHmUCY2Xx7OoUThYkaHaSn55scc2YWXvdcRbNfdiBQAwSW6iX85IakT4HjAUuVGToFgbMGIf7cOheMmavg
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f1f42508f69954d-LHR
accept-ranges
bytes
x-goog-generation
1655330302967417
content-length
7195
server
cloudflare
truncated
/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://timespj.xyz
Referer

Response headers

Content-Type
font/woff2
truncated
/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
267eef3001852f3fb5fa919e9ecaf8885ed9232e08dfa9b6e3a8547ebfd47907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://timespj.xyz
Referer

Response headers

Content-Type
font/woff2
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?hca=222099233EE13B9E&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-gb&lo=0&rnd=1421368983&si=8ad529876e2c64c9858bdab280259a66&su=https%3A%2F%2Fstationeryformidable.top%2F&v=1.3.2&lv=1&sn=3308&r=0&ww=1600&u=https%3A%2F%2Ftimespj.xyz%2F7o3thdbBTRGKpq2wAghtS%2F5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg%3F_t%3D1734190475354jfltms%23
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Sat, 14 Dec 2024 15:34:37 GMT
Content-Type
image/gif
Server
apache
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?hca=222099233EE13B9E&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-gb&lo=0&rnd=518998723&si=284fccd025e62704a61082e607e5d5f8&su=https%3A%2F%2Fstationeryformidable.top%2F&v=1.3.2&lv=1&sn=3308&r=0&ww=1600&u=https%3A%2F%2Ftimespj.xyz%2F7o3thdbBTRGKpq2wAghtS%2F5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg%3F_t%3D1734190475354jfltms%23
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Sat, 14 Dec 2024 15:34:37 GMT
Content-Type
image/gif
Server
apache
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?hca=222099233EE13B9E&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-gb&lo=0&rnd=14686745&si=c42f92ad140c953c620b87fd6d13a5d8&su=https%3A%2F%2Fstationeryformidable.top%2F&v=1.3.2&lv=1&sn=3308&r=0&ww=1600&u=https%3A%2F%2Ftimespj.xyz%2F7o3thdbBTRGKpq2wAghtS%2F5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg%3F_t%3D1734190475354jfltms%23
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Sat, 14 Dec 2024 15:34:37 GMT
Content-Type
image/gif
Server
apache
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?hca=222099233EE13B9E&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-gb&lo=0&rnd=750722980&si=c5f7d15f2bf0dd6c4bde04b74482d9aa&su=https%3A%2F%2Fstationeryformidable.top%2F&v=1.3.2&lv=1&sn=3308&r=0&ww=1600&u=https%3A%2F%2Ftimespj.xyz%2F7o3thdbBTRGKpq2wAghtS%2F5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg%3F_t%3D1734190475354jfltms%23
Requested by
Host: timespj.xyz
URL: https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Sat, 14 Dec 2024 15:34:38 GMT
Content-Type
image/gif
Server
apache
logo.svg
timespj.xyz/ 		54 B
820 B 		Other
General
Check archive.org
Download Go to
Full URL
https://timespj.xyz/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ee301985163642e8513b28e4779c16d75d3b5fb6436cd84050bffac021b56c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://timespj.xyz/7o3thdbBTRGKpq2wAghtS/5288RGB_BXxVWnF7eQp7WwtQRwZdXyRHVzgAUlkABCM4WxVYGyg?_t=1734190475354jfltms

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
4684
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDL7FVGqq44a6wDA10Meh%2FaQOVWEmEDewwbpMFJ9%2BP2NUrURBfoi23EuPWCk9tWqrlaGa%2F6ax2Ut3LZHHn6uYhFz7DdOicQLbnVcDruOtlPO4HP2IQ%2B4KLKfX%2FVP6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25239&min_rtt=23980&rtt_var=620&sent=322&recv=85&lost=0&retrans=0&sent_bytes=354747&recv_bytes=9120&delivery_rate=33042&cwnd=108000&unsent_bytes=0&cid=d3e5862c79b54f71&ts=2810&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 15:34:38 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
last-modified
Sat, 14 Dec 2024 14:16:34 GMT
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1f42595b787791-LHR
access-control-allow-origin
*
server
cloudflare

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| __cssrContext boolean| __VUE__ function| plausible object| google_tag_manager object| google_tag_data object| dataLayer function| onYouTubeIframeAPIReady boolean| _bdhm_loaded_8ad529876e2c64c9858bdab280259a66 object| _hmt boolean| _bdhm_loaded_284fccd025e62704a61082e607e5d5f8 boolean| _bdhm_loaded_c42f92ad140c953c620b87fd6d13a5d8 boolean| _bdhm_loaded_c5f7d15f2bf0dd6c4bde04b74482d9aa

10 Cookies

Domain/Path Name / Value
.timespj.xyz/ Name: Hm_lvt_8ad529876e2c64c9858bdab280259a66
Value: 1734190478
.timespj.xyz/ Name: Hm_lpvt_8ad529876e2c64c9858bdab280259a66
Value: 1734190478
.timespj.xyz/ Name: HMACCOUNT
Value: 222099233EE13B9E
.timespj.xyz/ Name: Hm_lvt_284fccd025e62704a61082e607e5d5f8
Value: 1734190478
.timespj.xyz/ Name: Hm_lpvt_284fccd025e62704a61082e607e5d5f8
Value: 1734190478
.timespj.xyz/ Name: Hm_lvt_c42f92ad140c953c620b87fd6d13a5d8
Value: 1734190478
.timespj.xyz/ Name: Hm_lpvt_c42f92ad140c953c620b87fd6d13a5d8
Value: 1734190478
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 8BB37999D6EFCCF6
.timespj.xyz/ Name: Hm_lvt_c5f7d15f2bf0dd6c4bde04b74482d9aa
Value: 1734190478
.timespj.xyz/ Name: Hm_lpvt_c5f7d15f2bf0dd6c4bde04b74482d9aa
Value: 1734190478

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

263cdn.com
cdnmi.com
hm.baidu.com
plausible.top
stationeryformidable.top
timespj.xyz
www.googletagmanager.com
104.21.16.1
104.21.235.143
14.215.182.140
188.114.96.3
188.114.97.3
2a00:1450:4001:80f::2008
011099a6f1aa9ed30ad96ae35bbdc7d299c3f2712e39ccc2ee15146d027732bd
267eef3001852f3fb5fa919e9ecaf8885ed9232e08dfa9b6e3a8547ebfd47907
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d85f3cda4d86276651578999d5ce9da7f584a44956e4010b0672b1a3592aaca
318d7e0eabbabfc59a21ac9b6f026c6f72af09b7c80a5b5fc7eab5795bec6b7d
3573b10d75f34a7c43b6a0cb1fa5b3a97bebbfff6f1ae04f414925d9e00d5796
4c29eceb9257db113ca4806fcd6b442a08bb141804596433cfb7e70ed25db348
56697cc1b438e9bfca155dc5f1f7e23f3fb8a780448b239b9007c9629c71db4b
585c01023a199b34e7596e6a842f59f306fda0686f5b001eb2f0f6d1f3f52dcf
6af2601c64e95a861c711fa28188cc21465a98876a031509c0c4b547712401af
780342faffe29e503072536011f7d7c4b6f5e30c6d594a41602bbd9213c23223
78a94000c5a25a191ff9b1a74459709322cfc8a644a1044fa23e70dcf1631cf0
8d6c60a5fdae7b3f9b68e2779ee99e0e162182e371f7ba45091396d58beb950e
9631c2318d3f38169166bfe0e803fb1a358580d5f0a1cda53759efb0cfcfbdea
c1d0b7262599f09805fa21ea68641eaa6510897e025776602642cdf4339e23db
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18877a3c627a2f0e778067169027fc4be66062cd75989de23d0cd2c141d9581
d3ecca1baa9bef390bd16018589667826b50416a392225926a93c51369267cc8
d4a57e8889ae0338d9330e0f8fa7e7aeb33d5e3fe91c53d5eb31280d2d780a4c
da671803f809f53c68076155581c48d19422acc8593eebed74198fd8ae8ec20a
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
e6ee301985163642e8513b28e4779c16d75d3b5fb6436cd84050bffac021b56c
f33ca4946f2c25b8756a89a3d55a26291f0cb5582e0d696d6ddb5095bd24b355
f46fe7894b2838f194ddf75cefd563e05227a69e2aba543983feb8d6d2da2c57
fb6178eaca33cf2b22398d65e6502e76db11cdd06a4563d5c0f93242ab062cda