gfhft42.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cab Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gfhft42.pages.dev/
Effective URL:
https://gfhft42.pages.dev/
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On November 10 via api (November 10th 2024, 5:17:13 am UTC) from DE — Scanned from DE

Summary HTTP 180 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 180 HTTP transactions. The main IP is 2606:4700:310c::ac42:2cab, located in United States and belongs to CLOUDFLARENET, US. The main domain is gfhft42.pages.dev.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time gfhft42.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 87	2606:4700:310... 2606:4700:310c::ac42:2cab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
85	2a02:26f0:480... 2a02:26f0:480:36::212:4016	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2603:1027:1:d... 2603:1027:1:d8::9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	40.126.31.71 40.126.31.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:480... 2a02:26f0:480:36::212:4008	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
180	7

87 2606:4700:310c::ac42:2cab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gfhft42.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2a02:26f0:480:36::212:4016 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

r.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

platform.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1027:1:d8::9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.31.71 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:36::212:4008 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

4.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	bing.com r.bing.com — Cisco Umbrella Rank: 449 www.bing.com — Cisco Umbrella Rank: 53 platform.bing.com — Cisco Umbrella Rank: 14324 4.bing.com — Cisco Umbrella Rank: 17636	612 KB
87	pages.dev 1 redirects gfhft42.pages.dev	1 MB
1	live.com 1 redirects login.live.com — Cisco Umbrella Rank: 63	1 KB
1	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 9
0	msn.com Failed assets.msn.com Failed
180	5

	Domain	Requested by
87	gfhft42.pages.dev	1 redirects gfhft42.pages.dev r.bing.com
84	r.bing.com	gfhft42.pages.dev r.bing.com
2	www.bing.com	gfhft42.pages.dev
1	4.bing.com	r.bing.com
1	login.live.com	1 redirects
1	login.microsoftonline.com	r.bing.com
1	platform.bing.com
0	assets.msn.com Failed	gfhft42.pages.dev
180	8

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
support.microsoft.com
help.bing.microsoft.com

Subject Issuer	Validity	Valid
gfhft42.pages.dev WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 04	`2024-06-24` - `2025-06-19`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2024-08-31` - `2025-02-28`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://gfhft42.pages.dev/
Frame ID: 5AC9118FF0E0F4B35814C1D7E8A8AABD
Requests: 183 HTTP requests in this frame

Frame: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=e7552844-42b1-458a-beb6-340890a12af3&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22A740243CE30E46BBBA7D59C66EA1ACC9%22%7d
Frame ID: B124E85A8C7C2ECE15859A8584FEC41F
Requests: 1 HTTP requests in this frame

Frame: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
Frame ID: 8D793CF865BCA8B10E8DC7D5E20E4174
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft Search

Page URL History Show full URLs

http://gfhft42.pages.dev/ HTTP 307
https://gfhft42.pages.dev/ Page URL
https://gfhft42.pages.dev/cdn-cgi/phish-bypass?atok=QukP1w042WbiEzZharI9nsIcValNtj_f7u.BmLlJIsI-173121... HTTP 301
https://gfhft42.pages.dev/ Page URL

Page Statistics

180
Requests

97 %
HTTPS

71 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

1960 kB
Transfer

4948 kB
Size

17
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Datenschutzbestimmungen

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2127455
Title: Holen Sie sich die neue Bing Wallpaper-App

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=246338
Title: Rechtliche Hinweise

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=868923
Title: Werbung

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=286759
Title: Über unsere Werbung

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/topic/82d20721-2d6f-4012-a13d-d1910ccf203f
Title: Hilfe

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkId=525994&clcid=0x407
Title: Impressum

Search URL Search Domain Scan URL

URL: http://help.bing.microsoft.com/#apex/18/DE/10013/-1/DE
Title: Europäischer Datenschutz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gfhft42.pages.dev/ HTTP 307
https://gfhft42.pages.dev/ Page URL
https://gfhft42.pages.dev/cdn-cgi/phish-bypass?atok=QukP1w042WbiEzZharI9nsIcValNtj_f7u.BmLlJIsI-1731215823-0.0.1.1-%2F HTTP 301
https://gfhft42.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gfhft42.pages.dev/ HTTP 307
https://gfhft42.pages.dev/

Request Chain 161

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1731215827&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1031&id=264960&checkda=1 HTTP 302
https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

180 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

403

/ Show response
gfhft42.pages.dev/
Redirect Chain

http://gfhft42.pages.dev/
https://gfhft42.pages.dev/

4 KB
2 KB

68ms
33ms

Document
text/html

2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfhft42.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3881ea963a06b345f8c223a6d4af623ad3aea2f434fec3a373d74c39e77c7907

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray: 8e0392eec8fabba3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Nov 2024 05:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEkKZG5uj1omBRsOKUvNy4TDMfXJwLs%2FhkyEJN44k%2BZTc1dBb%2BJfQQ%2F0ch8fBe8zk2il%2B39onh%2FYf8MovgCtVMyIOHxumKoyYKQ2%2Fc8VolETPaj61R4ZqJwlc6UlXSqxc7g0N9be4ovSajeXHdG7Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://gfhft42.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 cf.errors.css
gfhft42.pages.dev/cdn-cgi/styles/ 23 KB
5 KB 10ms
10ms Stylesheet
text/css 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfhft42.pages.dev/cdn-cgi/styles/cf.errors.css

Requested by

Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"672b8dd6-5df3"
x-content-type-options: nosniff
cf-ray: 8e0392ef094abba3-FRA
expires: Sun, 10 Nov 2024 07:17:03 GMT
date: Sun, 10 Nov 2024 05:17:03 GMT
content-type: text/css
last-modified: Wed, 06 Nov 2024 15:40:06 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
gfhft42.pages.dev/cdn-cgi/images/ 452 B
635 B 10ms
9ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfhft42.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "672b8dd6-1c4"
x-content-type-options: nosniff
cf-ray: 8e0392ef295dbba3-FRA
expires: Sun, 10 Nov 2024 07:17:03 GMT
accept-ranges: bytes
content-length: 452
date: Sun, 10 Nov 2024 05:17:03 GMT
content-type: image/png
last-modified: Wed, 06 Nov 2024 15:40:06 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
gfhft42.pages.dev/ 4 KB
2 KB 74ms
74ms Other
image/x-icon 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 65e9375643bd41b7a951d2a5e15bada9
content-encoding: br
cf-cache-status: MISS
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20788&sent=21&recv=14&lost=0&retrans=0&sent_bytes=11961&recv_bytes=4343&delivery_rate=56931&cwnd=12000&unsent_bytes=0&cid=f2d8158537210ecc&ts=167&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:03 GMT
content-type: image/x-icon
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
vary: Accept-Encoding
cache-control: public, max-age=15552000
x-cdn-traceid: 0.33d01702.1731215823.10e8184e
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-msedge-ref: Ref A: 5F863448F517484E96DD69CA2DEA646F Ref B: FRA31EDGE0706 Ref C: 2024-03-07T09:10:35Z
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-wk94MDVKuw1dQGLzYXKB7VDaUloFvc7ZMcuXJxqmtgM='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e0392ef496abba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H3

200

Primary Request / Show response
gfhft42.pages.dev/
Redirect Chain

https://gfhft42.pages.dev/cdn-cgi/phish-bypass?atok=QukP1w042WbiEzZharI9nsIcValNtj_f7u.BmLlJIsI-1731215823-0.0.1.1-%2F
https://gfhft42.pages.dev/

171 KB
52 KB

86ms
86ms

Document
text/html

2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfhft42.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6f2e73a463d63d23c32bd14f96113e9c7c6b2eef02c4316e75994ed3080a4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gfhft42.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8e0393095b41bba3-FRA
content-encoding: br
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ADbEvAQd2agEoCa33uQiQN6o1mpvm79LXePGAX/zCYs='; base-uri 'self';report-to csp-endpoint
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: 'same-origin; report-to=\"crossorigin-errors\"'
cross-origin-opener-policy-report-only: 'require-corp; report-to=\"crossorigin-errors\"'
date: Sun, 10 Nov 2024 05:17:07 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]} {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=binghp&ndcParam=QWthbWFp"}]} {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=binghp"}]}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15150&sent=30&recv=21&lost=0&retrans=0&sent_bytes=14984&recv_bytes=5492&delivery_rate=731&cwnd=12000&unsent_bytes=0&cid=f2d8158537210ecc&ts=4350&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
vary: Accept-Encoding
x-cdn-traceid: 0.41d01702.1731215827.1f20686d
x-eventid: 673041d3c4e64a9593a71bb17bcc88a0
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private, no-cache
cf-ray: 8e0393094b38bba3-FRA
content-length: 167
content-type: text/html
date: Sun, 10 Nov 2024 05:17:07 GMT
location: https://gfhft42.pages.dev/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 th
gfhft42.pages.dev/ 230 KB
231 KB 35ms
34ms Image
image/webp 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.YucatanFlamingos_DE-DE2009828774_1920x1080.webp&qlt=50
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d744e7bae776d237bf80c2d45fbc3025c5726196fd10ea588078f4dc780494d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7191&sent=80&recv=46&lost=0&retrans=0&sent_bytes=69793&recv_bytes=7414&delivery_rate=1672733&cwnd=27600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4392&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/webp
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.0cd01702.1731215827.16b0fc3f
cf-ray: 8e039309eb8dbba3-FRA
access-control-allow-origin: *
content-length: 235440
server: cloudflare

GET
H2 200 lmu8EBCaPRMKtay8LSArGyY3mv4.br.js Show response
r.bing.com/rp/ 1 B
618 B 70ms
8ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 5aqSHeuG+BOAJrucJAgg+w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC65EBC9AAE4
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 21:16:57 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:55:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=316790
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: de9e8402-a01e-0053-3e78-17f69f000000
access-control-allow-origin: *
content-length: 5
akamai-grn: 0.56b31402.1731215827.16308f62
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET TojcN6GgH6kMs-g6j6O4PUJNZvU.br.css
r.bing.com/rp/ 0
0

GET
H3 200 ytiieusXgM2K8bLkEDP-AS1ePds.png
gfhft42.pages.dev/rp/ 109 B
1 KB 38ms
37ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/rp/ytiieusXgM2K8bLkEDP-AS1ePds.png
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2fafdf3346ba2de5004898e2c58e47182fda26518d240fd1b0628e6329ed1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: WjmO2nysm67xmONlqywoRQ==
akamai-amd-bc-debug: [a=23.67.40.26,b=305505509,c=c,d=1731086954,h=304,k=2,l=0,n=DE_HE_FRANKFURT,o=20940,r=2]
x-ms-lease-status: unlocked
cf-cache-status: MISS
etag: 0x8DCDC68B2C5AA26
x-ms-version: 2009-09-19
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AazWXBl1nNbIvjl37YKLLVOWKhxhULNkr26gqJ5Y6F29V1He5gf6BUz2DCk8rbqA6ySup12wK4rX660bt5rYIDn6v0e64amE3JoNFAPYObU8i9NQpkSliIYFu2N7lHHnkpSBKfnSbyjhJIw6yHRDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 07 Nov 2024 04:11:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6653&sent=285&recv=73&lost=0&retrans=0&sent_bytes=311202&recv_bytes=8620&delivery_rate=12539621&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4417&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 07:15:41 GMT
vary: Accept-Encoding
cache-control: public, max-age=432000, no-transform, immutable
x-cdn-traceid: 0.30d01702.1731215827.8614bfe
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id: 216c16aa-701e-0073-482f-169a53000000
cf-ray: 8e03930a0b9bbba3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 109
x-ms-blob-type: BlockBlob
server: cloudflare

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 TojcN6GgH6kMs-g6j6O4PUJNZvU.br.css
r.bing.com/rp/ 18 KB
6 KB 41ms
10ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/TojcN6GgH6kMs-g6j6O4PUJNZvU.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: eea56c13709677a8c9b09c68a066b7138892e4ba785c5ce4a805fac99e4ceb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: gtoCeEn6TmwQatEIrrrRpQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFF22A780F4B6
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 18:39:50 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/css
last-modified: Thu, 07 Nov 2024 11:52:28 GMT
cache-control: public, no-transform, max-age=220963
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: dab56de5-201e-006b-7044-31b7c6000000
access-control-allow-origin: *
content-length: 5473
akamai-grn: 0.56b31402.1731215827.16308f67
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js Show response
r.bing.com/rp/ 76 B
682 B 42ms
10ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8149ebbab97636b492c4577e5d86b65001e672718bbd01218d8888b9989e7e4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: z5nlqd31IzcYeLY5KGuaJg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC8651B9B166
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 19:53:49 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Mon, 14 Oct 2024 19:28:02 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=52602
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 9f592b76-801e-004f-5076-1f2e88000000
access-control-allow-origin: *
content-length: 68
akamai-grn: 0.56b31402.1731215827.16308f66
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 ytiieusXgM2K8bLkEDP-AS1ePds.png
gfhft42.pages.dev/rp/ 109 B
0 28ms
28ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/rp/ytiieusXgM2K8bLkEDP-AS1ePds.png
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2fafdf3346ba2de5004898e2c58e47182fda26518d240fd1b0628e6329ed1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: WjmO2nysm67xmONlqywoRQ==
akamai-amd-bc-debug: [a=23.67.40.26,b=305505509,c=c,d=1731086954,h=304,k=2,l=0,n=DE_HE_FRANKFURT,o=20940,r=2]
x-ms-lease-status: unlocked
cf-cache-status: MISS
etag: 0x8DCDC68B2C5AA26
x-ms-version: 2009-09-19
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AazWXBl1nNbIvjl37YKLLVOWKhxhULNkr26gqJ5Y6F29V1He5gf6BUz2DCk8rbqA6ySup12wK4rX660bt5rYIDn6v0e64amE3JoNFAPYObU8i9NQpkSliIYFu2N7lHHnkpSBKfnSbyjhJIw6yHRDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 07 Nov 2024 04:11:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6653&sent=285&recv=73&lost=0&retrans=0&sent_bytes=311202&recv_bytes=8620&delivery_rate=12539621&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4417&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 07:15:41 GMT
vary: Accept-Encoding
cache-control: public, max-age=432000, no-transform, immutable
x-cdn-traceid: 0.30d01702.1731215827.8614bfe
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id: 216c16aa-701e-0073-482f-169a53000000
cf-ray: 8e03930a0b9bbba3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 109
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 widget.js Show response
www.bing.com/rewardsapp/widgetassets/prod/medallion/1.0.2/js/ 127 KB
48 KB 39ms
9ms Script
application/json 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.0.2/js/widget.js?t=241109
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cecd9507277624bd8baac9fcdbede428a6bc827c41635f5b34478c5abee4e0bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-encoding: br
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: application/json
last-modified: Mon, 28 Oct 2024 17:38:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=21600
x-cdn-traceid: 0.56b31402.1731215827.16308fdd
x-ceto-ref: 672f168036964e94978b2120cbc79d4a|AFD:672f168036964e94978b2120cbc79d4a|2024-11-09T08:00:00.625Z
x-ms-request-id: e72c9995-201e-004d-627d-32a867000000
access-control-allow-origin: *
content-length: 49115
x-azure-ref: 20241109T080000Z-1778f98c657tk4zbhC1DB1kyzw00000006v0000000002pb1
x-ms-blob-type: BlockBlob

GET
H2 200 MPXHsJgrkx_80a03vnMjBApFFfo.br.css
r.bing.com/rp/ 256 KB
131 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/MPXHsJgrkx_80a03vnMjBApFFfo.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c16343d5af29b2ce9fa754da3015002b1e4b340943909fa580ff3c9d5dce1fb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: rLtMqGpEbt2/K7VxBkXSQw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFA4FA482D436
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 01:36:58 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Fri, 01 Nov 2024 08:31:54 GMT
content-type: text/css
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=73191
timing-allow-origin: *
x-ms-request-id: c82820de-701e-003c-427e-2c5e4b000000
access-control-allow-origin: *
content-length: 133268
akamai-grn: 0.8e257e68.1730492812.3ed0f4ab, 0.56b31402.1731215827.16309070
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 R26WBsZbcppsoeYgMplxrgu53kM.br.css
r.bing.com/rp/ 30 B
628 B 17ms
16ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/R26WBsZbcppsoeYgMplxrgu53kM.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d7213c51946975f61ba549e0b3fa83567c854557c673d56c9dddcccab6fdad0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: deN9XSsAqqH0xJ5Fvq/E6g==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC614CD18BA3
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 15:49:15 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:22:43 GMT
content-type: text/css
cache-control: public, no-transform, max-age=37928
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: cc7a47d5-a01e-0071-0310-1998a9000000
access-control-allow-origin: *
content-length: 31
akamai-grn: 0.56b31402.1731215827.16309074
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
616 B 62ms
61ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:-1,%22BC%22:-1,%22SE%22:-1,%22TC%22:-1,%22H%22:-1,%22BP%22:140,%22CT%22:142,%22IL%22:3},%22net%22:%22undefined%22}&P=SERP&DA=DUBE01
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.15d01702.1731215827.78ac3de
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BkI5XrlGuNm9AbDZcTA7I4I%2FoRG9pGhz4Z6%2F73oSjFokEaiFoHsAxbKPuLgw8g7Z6POy6tUu7FqQLrtVfu%2BYA14jA3ca2U0nL5ZkWRiF2hJq4SuY5cAd6EuhKyR7CMvdfa%2B3mcj4tI2VzopJvBLrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930afc10bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7628&sent=297&recv=87&lost=0&retrans=0&sent_bytes=322136&recv_bytes=11346&delivery_rate=257536&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4587&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon-trans-bg-blue-mg-png.png
gfhft42.pages.dev/sa/simg/ 308 B
1 KB 43ms
42ms Other
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/sa/simg/favicon-trans-bg-blue-mg-png.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbda906c7db6d50c7e200d73841a7bb7404bcff1b3c9121aa5bc79dbc608b9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 65dc4509885c4ce4b4af450a89be1172
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2Bfvsw4mLHjepBHObhFORv9UvGNhxnFcDpvEFO9VC24D0hcUnbG0Fhb6Z1h5wCrknEFGKnrfWd1OJlRTDDwtLT645%2F0txLyQxLGNky5pUsX7ktwaLqbxdFo6KK3I3tPV3pEweL9VapArzqrENP6xOA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7800&sent=295&recv=85&lost=0&retrans=0&sent_bytes=320835&recv_bytes=11257&delivery_rate=5041001&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4570&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
vary: Accept-Encoding
cache-control: public, max-age=15552000
x-cdn-traceid: 0.33d01702.1731215827.10e82b4c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e03930afc12bba3-FRA
accept-ranges: bytes
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-length: 308
server: cloudflare

POST
H3 204 lsp.aspx
gfhft42.pages.dev/fd/ls/ 0
615 B 61ms
60ms Ping
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/fd/ls/lsp.aspx?
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.39d01702.1731215827.1b1cbbb1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0%2FPH2ea2tIt%2FkEMaaDpw2iAf%2FPFA7Di1EhB0vlra2Zr5f4kL6Ofc2E4u4%2BWIhYVuXRiBqeDC5EsWSRfbHCenCOe9eKbVaN6ueXXxQ8mRaMbFsP5tGZ5gwLt1EpXUTcmdFVUcBU9bXI7%2FfBm0Jq0MA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930afc14bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7628&sent=298&recv=87&lost=0&retrans=0&sent_bytes=322775&recv_bytes=11346&delivery_rate=257536&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4589&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 oocd_GLJp7OiNEvIPidegylCzYE.br.js Show response
gfhft42.pages.dev/rp/ 19 KB
8 KB 39ms
38ms Script
text/javascript 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d59969951587d02ccf8e5b8b08b16f8b8b3110e26dd195cfdbaaaae99674230

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: xjyqyLrD8Rh4DebSjkPaOg==
content-encoding: gzip
cf-cache-status: MISS
etag: 0x8DCDC668C8634C1
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 12:31:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7800&sent=287&recv=85&lost=0&retrans=0&sent_bytes=312301&recv_bytes=11257&delivery_rate=5041001&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4568&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 07:00:18 GMT
vary: Accept-Encoding
cache-control: public, no-transform, max-age=196319
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.31d01702.1731215827.e8fe278
x-ms-request-id: 20b2e939-f01e-0004-3e84-151f12000000
cf-ray: 8e03930afc16bba3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7532
akamai-grn: 0.ad257e68.1728379490.130ae217
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 29PIludr0ouX7uObDIN9ORIKUhg.png
r.bing.com/rp/ 4 KB
4 KB 9ms
9ms Image
image/png 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.bing.com/rp/29PIludr0ouX7uObDIN9ORIKUhg.png
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/MPXHsJgrkx_80a03vnMjBApFFfo.br.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 31ee0b33f7393eb212728cbab82119f00aa8a539ee6b0bb517af5b6ccc6f9879

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://r.bing.com/rp/MPXHsJgrkx_80a03vnMjBApFFfo.br.css

Response headers

content-md5: uY+5CYfOSs2LgdhiWj0GTg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCEC870FB74EAA
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 16:43:32 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Mon, 14 Oct 2024 19:33:20 GMT
content-type: image/png
cache-control: public, no-transform, max-age=41185
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: 05b6520b-501e-006f-100f-1f4244000000
access-control-allow-origin: *
content-length: 3828
akamai-grn: 0.56b31402.1731215827.163090df
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 RMR1gT-owPhjdj5T7QIDjVzDF_U.br.js Show response
r.bing.com/rp/ 370 B
809 B 26ms
16ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/RMR1gT-owPhjdj5T7QIDjVzDF_U.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d71ac9ccdf9cad482742a4c58d3cdececa63ab196dba9bd3656da24db533c1ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: VvkhcjFZmc5E7PrGAQWsKQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFDC478ADC2EC
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 06:01:56 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 05 Nov 2024 18:05:45 GMT
cache-control: public, no-transform, max-age=89089
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: b1ad96c5-e01e-0054-5811-30001a000000
access-control-allow-origin: *
content-length: 195
akamai-grn: 0.56b31402.1731215827.16309110
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js Show response
r.bing.com/rp/ 684 B
969 B 24ms
16ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c317940549467b3210d2f72da000bac3481abfde3ac5358d398eb64dcbc8532

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: +CLmYDPZ4qSTibcD/NDa/Q==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC64632A6EF0
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 05:27:14 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:44:49 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=87007
timing-allow-origin: *
x-ms-request-id: 76d3cfbf-201e-0006-210d-171de8000000
access-control-allow-origin: *
content-length: 323
akamai-grn: 0.30d01702.1729796718.bad286a, 0.56b31402.1731215827.16309111
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 jA1xMqBzlpnpE2ru1-s0ybbi8MM.br.js Show response
r.bing.com/rp/ 37 KB
12 KB 25ms
17ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/jA1xMqBzlpnpE2ru1-s0ybbi8MM.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5bb552beb00af20a3a39660decabba8520cf53ff43594d1cd923f9217081d169

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: OuXcJlOLJ5YKncHzThxbVw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC6581B8CB1B
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 19:51:14 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 06:52:50 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=52447
timing-allow-origin: *
x-ms-request-id: 07424600-001e-004e-32dc-2d2661000000
access-control-allow-origin: *
content-length: 12109
akamai-grn: 0.0cd01702.1730786945.3025f76, 0.02d01702.1730948111.10ed5bd5, 0.56b31402.1731215827.16309112
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 hkXWsTcGTHs44QxzZyThd4fbbPM.br.js Show response
r.bing.com/rp/ 310 KB
64 KB 25ms
17ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/hkXWsTcGTHs44QxzZyThd4fbbPM.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e2e4d97c20d4478e8e947480c8f6c71a2c795776d405366be70db82e4ea4ba77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: cQ12N8x+IbYv0+/mq6H9Jw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC651552FCB4
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 12:47:45 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:49:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=199838
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 0884ff7f-501e-002b-17bf-1b9e28000000
access-control-allow-origin: *
content-length: 64993
akamai-grn: 0.56b31402.1731215827.16309113
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 V793ayrBYjBUm-0gdrJPAEYeUiw.br.js Show response
r.bing.com/rp/ 13 KB
6 KB 28ms
21ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/V793ayrBYjBUm-0gdrJPAEYeUiw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 429c376160336dc6f748e45c07ddc068b24635f25a816f9a23d2ac733aad914f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: dbzAhNDtA54biTyiiODCKw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC62330B5348
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 20:14:02 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 06:29:10 GMT
cache-control: public, no-transform, max-age=313015
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 90180520-c01e-0025-7a1a-327223000000
access-control-allow-origin: *
content-length: 5070
akamai-grn: 0.56b31402.1731215827.16309114
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js Show response
r.bing.com/rp/ 385 KB
138 KB 14ms
6ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a84e6acc83f595fa5fc3d3603cb1589c3f10a597ce4f3fa930674a66cd9928f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yHJH/TCzQQXcqM0pQIfq+w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFFD2D41EED53
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 17:45:29 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 08 Nov 2024 08:53:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=304102
timing-allow-origin: *
x-ms-request-id: 59bef361-a01e-003e-1905-325cb1000000
access-control-allow-origin: *
content-length: 140831
akamai-grn: 0.15d01702.1731095569.368aac3, 0.3bd01702.1731108933.ff6abf6, 0.56b31402.1731215827.16309115
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 ZDuP1RxmIvW4zmuvz53att_oXdo.br.js Show response
r.bing.com/rp/ 561 B
867 B 32ms
24ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/ZDuP1RxmIvW4zmuvz53att_oXdo.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 88d86fe4ad7534bb5d79d6ceafdc527ade975d07f49a856ce0ee6783161516c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: E/pkYW4bCY7jX+uKzdO4Xg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC630D29D4DA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 19:43:35 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:35:16 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=138388
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 9f0c72fe-501e-0064-5c7f-175a30000000
access-control-allow-origin: *
content-length: 252
akamai-grn: 0.56b31402.1731215827.1630911a
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 bll21ZO27j3KPE27uQBxt24c2Fw.br.js Show response
r.bing.com/rp/ 552 KB
85 KB 32ms
24ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/bll21ZO27j3KPE27uQBxt24c2Fw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0bd4e3aff07fa67e913ddcab8cf93980a472626a9c6043da546253700f344d52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: dOM7S1T00fPaBqtHxZNqEw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC63C057D2C3
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 17:44:26 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:40:16 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=131239
timing-allow-origin: *
x-ms-request-id: 55afecef-d01e-0018-7eb7-17c705000000
access-control-allow-origin: *
content-length: 86451
akamai-grn: 0.0cd01702.1729702286.9ce10a7, 0.56b31402.1731215827.1630911b
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 LDPtmbi_w4y1oa90D_hi6HqB1QI.br.js Show response
r.bing.com/rp/ 3 KB
2 KB 33ms
26ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/LDPtmbi_w4y1oa90D_hi6HqB1QI.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a6347b4c2628cedfeb5757743849800bcce481b54a8d351c2fc1f9b80d3d4c81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 5UPX20ax2WExB2sNDDWlCg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC60009B36FF
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 13:14:50 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:13:26 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=115063
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 3229abd4-f01e-0026-5101-187124000000
access-control-allow-origin: *
content-length: 1554
akamai-grn: 0.56b31402.1731215827.16309120
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 fRPi0Fb1vDrxqdzIfEwP1G-sDQw.br.js Show response
r.bing.com/rp/ 6 KB
3 KB 35ms
27ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/fRPi0Fb1vDrxqdzIfEwP1G-sDQw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c01f1113020ec6201098a6690849ca3df40dcbc0f6fe9c7827fb616bbf8fa05b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: aaFACG/wrQSI1YwC6/zyMQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC648C07608A
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 14:44:24 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:45:58 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=120437
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 1da334c6-f01e-0026-5da6-167124000000
access-control-allow-origin: *
content-length: 2040
akamai-grn: 0.56b31402.1731215827.16309121
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 lmu8EBCaPRMKtay8LSArGyY3mv4.br.js Show response
r.bing.com/rp/ 1 B
0 7ms
7ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 5aqSHeuG+BOAJrucJAgg+w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC65EBC9AAE4
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 21:16:57 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:55:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=316790
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: de9e8402-a01e-0053-3e78-17f69f000000
access-control-allow-origin: *
content-length: 5
akamai-grn: 0.56b31402.1731215827.16308f62
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js Show response
r.bing.com/rp/ 1 KB
1 KB 34ms
27ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f332b88324f67c9deb79ca7d33bd57f161e39567e774e4fdd5c0509205e60b9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 1nLWdicDwxe3KsJ1SxmxmQ==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCEC87979A4FF0
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 21:35:40 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 19:37:08 GMT
vary: Accept-Encoding
cache-control: public, no-transform, max-age=58713
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: c89e97d6-201e-007b-36ca-2f8834000000
access-control-allow-origin: *
content-length: 622
akamai-grn: 0.56b31402.1731215827.1630912a
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 kdaXFKcmbJ_ZSIFJtGtj5iaX3Rs.br.js Show response
r.bing.com/rp/ 5 KB
3 KB 35ms
28ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/kdaXFKcmbJ_ZSIFJtGtj5iaX3Rs.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d367ea014ef1c234179a9060527687703c3c72ecb530ab733aa08b61144286fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yv1o3px24LghjlwhG91WGA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC659E335614
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 08:17:16 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:53:38 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=183609
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: c48922ab-401e-001d-6c95-18337a000000
access-control-allow-origin: *
content-length: 2385
akamai-grn: 0.56b31402.1731215827.1630912b
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 xrUJJ8sN8ucbiFbMJle3n0IfRwU.br.js Show response
r.bing.com/rp/ 257 B
763 B 34ms
28ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/xrUJJ8sN8ucbiFbMJle3n0IfRwU.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a5b4181611e951faecd6c164d704569c633e95fe68d3d1934b911a089ebf70e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: JiWcdaDQ1Cccduc8L4eReg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC687B0F78AF
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 23:26:53 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 07:14:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=151786
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: de9f7e7e-a01e-0053-7079-17f69f000000
access-control-allow-origin: *
content-length: 151
akamai-grn: 0.56b31402.1731215827.1630912c
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 LXu4eYVt3NhFk3Ud9ZbhZ_PYFaA.br.js Show response
r.bing.com/rp/ 426 B
851 B 34ms
28ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/LXu4eYVt3NhFk3Ud9ZbhZ_PYFaA.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3ed65f33193430c0b9db61ffe7f5fe27b29f86a28563992c3afc47d4c22c23d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: QTej8D3Nf9S3dS9wyAdElQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC600E9B2277
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 18:56:00 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:13:49 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=49133
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: be1a3135-f01e-0062-5a5e-15ad48000000
access-control-allow-origin: *
content-length: 238
akamai-grn: 0.56b31402.1731215827.1630912d
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 JXkjDPywJD9oeuWPLy7bD8Jc6mw.br.js Show response
r.bing.com/rp/ 423 B
950 B 34ms
28ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/JXkjDPywJD9oeuWPLy7bD8Jc6mw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: af8c36defed55d79106513865f69933e546e1e4c361e41c29f65905ded009047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: Dsb9bELHm1DHL/PEEhsR3g==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCDC5F9EF7BA5F
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 10:04:46 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:10:42 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=103659
timing-allow-origin: *
x-ms-request-id: 0f146ab1-e01e-0032-7324-1bb240000000
access-control-allow-origin: *
content-length: 290
akamai-grn: 0.15d01702.1729313675.b0c4911, 0.56b31402.1731215827.1630912e
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 ilbkF5vv0sk3tJ8LDY0Nm39p12g.br.js Show response
r.bing.com/rp/ 425 B
904 B 34ms
28ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/ilbkF5vv0sk3tJ8LDY0Nm39p12g.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 08021ed3bca5532304b597e636beb939ff7baa6d08dca4e94c0dde1fdf940389

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: mOWXO8D36JvtqS/wRuZISQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC65377BDEB5
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 01:45:36 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:50:46 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=160109
timing-allow-origin: *
x-ms-request-id: f72e5903-301e-003b-49bc-17a8ce000000
access-control-allow-origin: *
content-length: 258
akamai-grn: 0.05d01702.1728637785.9d3b4b3, 0.56b31402.1731215827.1630912f
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 OCtnrJQ3aJVfEzdQOhoPYEPIYE0.br.js Show response
r.bing.com/rp/ 22 KB
9 KB 34ms
28ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/OCtnrJQ3aJVfEzdQOhoPYEPIYE0.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 78aa31d0b825a124c7ca14f4fe049560d1bdd186e8cdd7785be87c1d005384e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: mIcl6ojhBI+ViFkAi8D5vw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCF8AA35C6F992
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 10:03:12 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Wed, 30 Oct 2024 06:15:11 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=189965
timing-allow-origin: *
x-ms-request-id: aee4d046-d01e-0013-23e9-2adf71000000
access-control-allow-origin: *
content-length: 9011
akamai-grn: 0.39d01702.1730319329.19895f9f, 0.56b31402.1731215827.16309130
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 MjkKTrIX9w2UKVd1W1WV1Gj2zWM.br.js Show response
r.bing.com/rp/ 938 B
1 KB 34ms
29ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/MjkKTrIX9w2UKVd1W1WV1Gj2zWM.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f2c5677d58718ae60f7f4e98351643afeb8ad7fdfe4b2b6af0b7b63108cb7071

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: YFrAklqNwGuL+H5Q5yxZnw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCDC604D6BCADD
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 15:06:29 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:15:35 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=35362
timing-allow-origin: *
x-ms-request-id: 9c9ff1d5-801e-0066-528e-1558ca000000
access-control-allow-origin: *
content-length: 512
akamai-grn: 0.1cd01702.1729853994.19f75053, 0.56b31402.1731215827.16309131
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js Show response
r.bing.com/rp/ 1 KB
1 KB 35ms
29ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: wQmZQwuzNQKGWvk013IgpA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5F1663B480
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 17:27:09 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:06:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=130202
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 935d8deb-c01e-000c-102a-150461000000
access-control-allow-origin: *
content-length: 714
akamai-grn: 0.56b31402.1731215827.16309132
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 n21aGRCN5EKHB3qObygw029dyNU.br.js Show response
r.bing.com/rp/ 2 KB
1 KB 34ms
29ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: hRrTe9xFPcEQGLGPgVvjhw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC66220B7293
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 07:58:21 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:57:19 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=96074
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 4f538754-801e-000b-56d9-15f2e4000000
access-control-allow-origin: *
content-length: 806
akamai-grn: 0.56b31402.1731215827.16309133
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 8CgcSSLayxEVUBf0swP_bQGMId8.br.js Show response
r.bing.com/rp/ 226 B
770 B 35ms
29ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 0ApKmxnWdlgJ/r3VvxbmFQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5D2377F40E
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 15:31:44 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 05:52:56 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=209677
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 900b7e4f-301e-0030-31d8-15b0ba000000
access-control-allow-origin: *
content-length: 156
akamai-grn: 0.56b31402.1731215827.16309134
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js Show response
r.bing.com/rp/ 576 B
983 B 35ms
30ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: xl2SFLZCQEcsZUNAUSfMmA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC6241BA29EA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 09:28:05 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:29:34 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=274258
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: ef8ced86-c01e-0048-79ce-17d80d000000
access-control-allow-origin: *
content-length: 368
akamai-grn: 0.56b31402.1731215827.16309135
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 C7TuoP5bfHv-CZlMHZy7yfvI4Fk.br.js Show response
r.bing.com/rp/ 328 B
816 B 34ms
30ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/C7TuoP5bfHv-CZlMHZy7yfvI4Fk.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 243d212a9ff764ccda9b19c3c823b2f408a0718e56a3e7a8b5b533e108db56cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: QIcJkitTo2dw/Udpu2lXSg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5E15C3381C
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Fri, 15 Nov 2024 04:16:27 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 05:59:42 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=428360
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: e289b1fa-d01e-0013-1933-17df71000000
access-control-allow-origin: *
content-length: 203
akamai-grn: 0.56b31402.1731215827.16309136
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 _2I169N92jVtSc_VEsV0nma5sRY.br.js Show response
r.bing.com/rp/ 622 B
926 B 35ms
30ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a0a1cee602080757fbadb2d23ead2bbb8b0726b82fdb2ed654da4403f1e78ef1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: Ij6CMW7d9STrT+a4Nf7dFA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC63331FF483
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 19:14:49 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:36:19 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=136662
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: ea381d3c-001e-0055-3769-1701e7000000
access-control-allow-origin: *
content-length: 312
akamai-grn: 0.56b31402.1731215827.16309137
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js Show response
r.bing.com/rp/ 924 B
1 KB 35ms
30ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: rSmdN6tN5TS/1yEQ8Z6pNA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC64B5831289
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Thu, 14 Nov 2024 16:15:07 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:47:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=385080
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: d5600e24-d01e-0031-7023-16b147000000
access-control-allow-origin: *
content-length: 492
akamai-grn: 0.56b31402.1731215827.16309138
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 9cuwOQ_qE7qTGKohzrf_gIjTlPI.br.js Show response
r.bing.com/rp/ 3 KB
2 KB 35ms
31ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/9cuwOQ_qE7qTGKohzrf_gIjTlPI.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: FXbNzL5WiMdS7y/N9ZEDfg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5D73F196CA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 18:30:08 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 05:55:11 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=133981
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 6737675a-601e-0023-05fc-16855b000000
access-control-allow-origin: *
content-length: 1532
akamai-grn: 0.56b31402.1731215827.16309139
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 psgXZvzYJMEW2ydikIk493Va1d4.br.js Show response
r.bing.com/rp/ 1 KB
1 KB 35ms
31ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: cbryIH17LuJqgju0sWrerw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCDC66CA2704F8
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 10:42:51 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 07:02:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, no-transform, max-age=19544
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: e0c8f4bc-401e-0070-1e65-159954000000
access-control-allow-origin: *
content-length: 660
akamai-grn: 0.56b31402.1731215827.1630913a
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 nt6a1ZR520utsLoZmSYgwxdOPgI.js Show response
r.bing.com/rs/6v/x2/nj/ 606 B
2 KB 35ms
31ms XHR
application/x-javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rs/6v/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Kestrel /
Resource Hash: 54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-as-machinename: DUBEEAP00010626
x-eventid: 672da993c93e4d59ad69fffddcd21354
content-encoding: br
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
expires: Wed, 13 Nov 2024 06:03:30 GMT
alt-svc: h3=":443"; ma=93600
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-suppresssetcookie: 1
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 23:58:56 GMT
access-control-allow-headers: *
date: Sun, 10 Nov 2024 05:17:07 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=261983
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-dAFvvbzFY82ySqh+kxm8BIYbpvVNsutgYlBAeLEcvOg='; base-uri 'self';report-to csp-endpoint
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
access-control-allow-origin: *
content-length: 399
akamai-grn: 0.56b31402.1731215827.1630913b
server: Kestrel

GET
H2 200 5L3iD467J3iJWEPwIjxlK0MMDpY.br.js Show response
r.bing.com/rp/ 2 KB
1 KB 35ms
32ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yaTET5I1fmUKhVemn0wu5w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC884215D06E
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 07:56:52 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Mon, 14 Oct 2024 19:41:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=95985
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 8b525d46-801e-000b-5147-20f2e4000000
access-control-allow-origin: *
content-length: 772
akamai-grn: 0.56b31402.1731215827.1630913c
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 awRIKLY04rWw5wNlVL186SolQSo.br.js Show response
r.bing.com/rp/ 34 KB
8 KB 51ms
47ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/awRIKLY04rWw5wNlVL186SolQSo.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6838611c8ab6539005e11c84ca308158f89a51db57a62caf21faab48bf576177

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yrT84kD84PN8304R0Pvg0w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC6396975487
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 07:40:38 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:39:06 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=267811
timing-allow-origin: *
x-ms-request-id: 807d41a0-501e-0046-74e9-173406000000
access-control-allow-origin: *
content-length: 7069
akamai-grn: 0.39d01702.1730954640.11d6ade5, 0.56b31402.1731215827.1630913d
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js Show response
r.bing.com/rp/ 242 B
755 B 36ms
32ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: zk7Mu+IZ+1Afv84KFZt8XQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5FD53B2D55
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 07:06:33 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:12:13 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=179366
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: c304e8ea-501e-006f-1ca8-164244000000
access-control-allow-origin: *
content-length: 140
akamai-grn: 0.56b31402.1731215827.1630913e
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 ZROPcAEhbj2oVXAWpOfdV-3E98k.br.js Show response
r.bing.com/rp/ 4 KB
2 KB 36ms
33ms XHR
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/ZROPcAEhbj2oVXAWpOfdV-3E98k.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a29707e768a53201e2ab26d83e5746e6f22e1c573743a66c50b7e5d19f6b531e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: XDB88L/1tOMJK/y+pV86vg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC631EE7C495
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 14:35:20 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:35:45 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=119893
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 421cd7c8-101e-0005-37dc-151eef000000
access-control-allow-origin: *
content-length: 1709
akamai-grn: 0.56b31402.1731215827.1630913f
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
615 B 125ms
123ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1731215827720%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1731215827720%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.02d01702.1731215827.1d1647d6
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3Rbk96D1xKzT4N2PWKtIIf0wuQYS2y7WxrS21CYxxmF2Z6iScFd6caOpZKYM9l5mklly%2Belpseao9Y2XXbBLHs74E5p7XQMm6H7UNjMg7WMTMUR5kZbkQnMlF%2BCLMagY23%2Bw3dHqG8bN2LLu0TTDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930b5c43bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7515&sent=302&recv=92&lost=0&retrans=0&sent_bytes=324097&recv_bytes=13130&delivery_rate=82117&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4709&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
611 B 70ms
68ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1731215827720%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.0cd01702.1731215827.16b0fd47
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xy5FziOGEItyUTLu30HkT0MitZ27yWU92%2FiT3S5X1kbIScjgsMEHdOjoofsEdjzI8M2lgNG6jeViylPPoCSpeHy20LWWGsfYsPjsn3yxCE5L3XIOabFjyzbA2HnQhky5Y1o0LmiA5zZlAZIi2MeVBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930b5c44bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7486&sent=300&recv=90&lost=0&retrans=0&sent_bytes=323438&recv_bytes=12647&delivery_rate=172829&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4654&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 RMR1gT-owPhjdj5T7QIDjVzDF_U.br.js Show response
r.bing.com/rp/ 370 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/RMR1gT-owPhjdj5T7QIDjVzDF_U.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d71ac9ccdf9cad482742a4c58d3cdececa63ab196dba9bd3656da24db533c1ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: VvkhcjFZmc5E7PrGAQWsKQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFDC478ADC2EC
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 06:01:56 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 05 Nov 2024 18:05:45 GMT
cache-control: public, no-transform, max-age=89089
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: b1ad96c5-e01e-0054-5811-30001a000000
access-control-allow-origin: *
content-length: 195
akamai-grn: 0.56b31402.1731215827.16309110
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js Show response
r.bing.com/rp/ 684 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c317940549467b3210d2f72da000bac3481abfde3ac5358d398eb64dcbc8532

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: +CLmYDPZ4qSTibcD/NDa/Q==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC64632A6EF0
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 05:27:14 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:44:49 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=87007
timing-allow-origin: *
x-ms-request-id: 76d3cfbf-201e-0006-210d-171de8000000
access-control-allow-origin: *
content-length: 323
akamai-grn: 0.30d01702.1729796718.bad286a, 0.56b31402.1731215827.16309111
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 jA1xMqBzlpnpE2ru1-s0ybbi8MM.br.js Show response
r.bing.com/rp/ 37 KB
0 1ms
1ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/jA1xMqBzlpnpE2ru1-s0ybbi8MM.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5bb552beb00af20a3a39660decabba8520cf53ff43594d1cd923f9217081d169

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: OuXcJlOLJ5YKncHzThxbVw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC6581B8CB1B
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 19:51:14 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 06:52:50 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=52447
timing-allow-origin: *
x-ms-request-id: 07424600-001e-004e-32dc-2d2661000000
access-control-allow-origin: *
content-length: 12109
akamai-grn: 0.0cd01702.1730786945.3025f76, 0.02d01702.1730948111.10ed5bd5, 0.56b31402.1731215827.16309112
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
BLOB 200
OK 4cb667dc-f3cf-4043-9a01-67081795b20e Show response
https://gfhft42.pages.dev/ 99 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gfhft42.pages.dev/4cb667dc-f3cf-4043-9a01-67081795b20e
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/jA1xMqBzlpnpE2ru1-s0ybbi8MM.br.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 062f8499e0286f4a73049f89fa2b894ccbb460bbd36518bfdfdcdfd6142f6cb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer

Response headers

Content-Type: text/javascript
Content-Length: 99

GET
BLOB 200
OK ce9338d8-7d83-4e62-b430-b5920e2baaf2 Show response
https://gfhft42.pages.dev/ 27 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gfhft42.pages.dev/ce9338d8-7d83-4e62-b430-b5920e2baaf2
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e62f15d7a4562d68e7b0fbfb8b97cdfa32463b7f548837b30a546301f44bb34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer

Response headers

Content-Type: text/javascript
Content-Length: 27

GET
BLOB 200
OK 675015b8-881b-4a87-bdfa-3ff6d4f306f6 Show response
https://gfhft42.pages.dev/ 11 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gfhft42.pages.dev/675015b8-881b-4a87-bdfa-3ff6d4f306f6
Requested by: Host: gfhft42.pages.dev
URL: blob:https://gfhft42.pages.dev/ce9338d8-7d83-4e62-b430-b5920e2baaf2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 553d0321189b23dba5f3670ea4bdb552dce0ebb1a3201e3b094e3f04cf08a7fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer

Response headers

Content-Type: text/javascript
Content-Length: 11

GET
H2 200 hkXWsTcGTHs44QxzZyThd4fbbPM.br.js Show response
r.bing.com/rp/ 310 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/hkXWsTcGTHs44QxzZyThd4fbbPM.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e2e4d97c20d4478e8e947480c8f6c71a2c795776d405366be70db82e4ea4ba77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: cQ12N8x+IbYv0+/mq6H9Jw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC651552FCB4
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 12:47:45 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:49:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=199838
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 0884ff7f-501e-002b-17bf-1b9e28000000
access-control-allow-origin: *
content-length: 64993
akamai-grn: 0.56b31402.1731215827.16309113
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 V793ayrBYjBUm-0gdrJPAEYeUiw.br.js Show response
r.bing.com/rp/ 13 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/V793ayrBYjBUm-0gdrJPAEYeUiw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 429c376160336dc6f748e45c07ddc068b24635f25a816f9a23d2ac733aad914f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: dbzAhNDtA54biTyiiODCKw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC62330B5348
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 20:14:02 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 06:29:10 GMT
cache-control: public, no-transform, max-age=313015
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 90180520-c01e-0025-7a1a-327223000000
access-control-allow-origin: *
content-length: 5070
akamai-grn: 0.56b31402.1731215827.16309114
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js Show response
r.bing.com/rp/ 385 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a84e6acc83f595fa5fc3d3603cb1589c3f10a597ce4f3fa930674a66cd9928f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yHJH/TCzQQXcqM0pQIfq+w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFFD2D41EED53
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 17:45:29 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 08 Nov 2024 08:53:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=304102
timing-allow-origin: *
x-ms-request-id: 59bef361-a01e-003e-1905-325cb1000000
access-control-allow-origin: *
content-length: 140831
akamai-grn: 0.15d01702.1731095569.368aac3, 0.3bd01702.1731108933.ff6abf6, 0.56b31402.1731215827.16309115
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 ZDuP1RxmIvW4zmuvz53att_oXdo.br.js Show response
r.bing.com/rp/ 561 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/ZDuP1RxmIvW4zmuvz53att_oXdo.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 88d86fe4ad7534bb5d79d6ceafdc527ade975d07f49a856ce0ee6783161516c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: E/pkYW4bCY7jX+uKzdO4Xg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC630D29D4DA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 19:43:35 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:35:16 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=138388
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 9f0c72fe-501e-0064-5c7f-175a30000000
access-control-allow-origin: *
content-length: 252
akamai-grn: 0.56b31402.1731215827.1630911a
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
DATA 200
OK truncated
/ 478 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a267f0e8e6ed42476777f455a879cb8c21cce3b62801fe3ee0f1a057dd8efaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feaaaeec0e4b14692fbafac182198f3af83a44265b8659eac94b23222644c00b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 sbi Show response
gfhft42.pages.dev/images/ 51 KB
18 KB 72ms
72ms Fetch
text/html 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/images/sbi?mmasync=1&ptn=Homepage&IID=SBI&IG=A740243CE30E46BBBA7D59C66EA1ACC9&
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17e669fcc16128fd599da2d27f4d766e0a1f5c06e97ed66b01e9547c607f885

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d3dce84cbbb1178b9f4a22a548
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7060&sent=316&recv=108&lost=0&retrans=0&sent_bytes=329368&recv_bytes=21827&delivery_rate=56265&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4773&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private
x-cdn-traceid: 0.3bd01702.1731215827.13bdd1cb
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-wlq54pJ9ang6TDKJ7s3blmfgS2uyNxcqc0R5CPbbCA8='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930c0c9bbba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H3 200 carousel Show response
gfhft42.pages.dev/hp/api/v1/ 17 KB
5 KB 79ms
78ms Fetch
application/json 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/hp/api/v1/carousel?&format=json&ecount=24&efirst=0&
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 104f65c4f023c97349ccdd0e6c1739b2567a2d0c39d3728ba726c434682a5b6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d30e0a4eaeb70c70a86068645e
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6923&sent=334&recv=109&lost=0&retrans=0&sent_bytes=348634&recv_bytes=21871&delivery_rate=82820&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4780&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private
x-cdn-traceid: 0.39d01702.1731215827.1b1cbc55
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-N55hr5VkAJAcK2VdPaDEoSutbuP9UeJR1bkuq6Ywvw4='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930c0c9ebba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H3 200 trivia Show response
gfhft42.pages.dev/hp/api/v1/ 1 KB
2 KB 79ms
79ms Fetch
application/json 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/hp/api/v1/trivia?format=json&id=HPQuiz_20241110_YucatanFlamingos&
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4953b311d5b96a62fbd30a9540d038f7330d33dc054966281d3888e298149c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d33d9c49d99d9fe3c24040ca73
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6792&sent=340&recv=110&lost=0&retrans=0&sent_bytes=353725&recv_bytes=21915&delivery_rate=88742&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4782&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private
x-cdn-traceid: 0.0cd01702.1731215827.16b0fe30
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-PRLkL6aBkkdRtlL7f7hj9inKYhjyIyLvxKv/BjpaNaA='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930c0c9fbba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H3 200 carousel Show response
gfhft42.pages.dev/hp/api/v1/ 17 KB
5 KB 82ms
82ms Fetch
application/json 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/hp/api/v1/carousel?&format=json&ecount=20&efirst=0&&
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b072744831f33c79bc22f97d44cc577c55cec2174efdfa904eb7292a7c4f8e44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d3886a43d3a06607fab85c1b4d
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6606&sent=347&recv=113&lost=0&retrans=0&sent_bytes=358010&recv_bytes=22751&delivery_rate=441526&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4786&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private
x-cdn-traceid: 0.39d01702.1731215827.1b1cbc53
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-q2eQ0JB4AWnRct4p5CFS9m5NYxdczIWSlUB4nkDokro='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930c1ca2bba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H3 200 model Show response
gfhft42.pages.dev/hp/api/ 34 KB
14 KB 78ms
78ms Fetch
application/json 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/hp/api/model
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52d0aabfb7c912cf686b046e1125dde4581b2a88c20817bb4c1dc999a4f90e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d3db804666a4a1cc0e694e1571
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6606&sent=344&recv=112&lost=0&retrans=0&sent_bytes=355852&recv_bytes=22003&delivery_rate=441526&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4784&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private
x-cdn-traceid: 0.39d01702.1731215827.1b1cbc5d
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-DnV+JZ7fVq47bXTMG+3A+UMQN7EP3ry9aCWfNUkMJvg='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930c1ca4bba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET widget-initializer.js
assets.msn.com/bundles/v1/bingHomepage/latest/ 0
0

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
617 B 56ms
54ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221600%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1731215827720%2C%22Name%22%3A%22XW%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%221200%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1731215827721%2C%22Name%22%3A%22T%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1731215827721%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A463%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827855%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.3bd01702.1731215827.13bdd1cf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMPeARM57ycHuiu3z30JPuxiPnAEC3A7zOG8hyyur6tg0Hm861AIZcvYFRITJKGzNPjSI%2FV4h95%2Baucb7XEkX8y7es%2F7MA76Zcqd4894NiuzZ0lMKN%2Bo0D1k4cixbT7jYH6S5ymBU%2BlImtOdUD3hxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1cabbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7336&sent=311&recv=106&lost=0&retrans=0&sent_bytes=326783&recv_bytes=21188&delivery_rate=78285&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4766&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
617 B 53ms
52ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A463%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827855%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.0cd01702.1731215827.16b0fe35
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c96lF%2Bg04YvfhGiD6%2FHoEFHa6QKKmtsDseUtxxgbWM7HiwFJ3aKcMTBqZrT4jO6tw2Fzlpn0KMr%2F19mu4%2Bk5wZAs3FH%2BOyrTdzUeBKmUyjVsqGrZpndsZtOeXXFCx5hapftYrUBJHRO30sCReFmiUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1cadbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7336&sent=308&recv=106&lost=0&retrans=0&sent_bytes=324860&recv_bytes=21188&delivery_rate=78285&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4764&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
618 B 55ms
53ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DA740243CE30E46BBBA7D59C66EA1ACC9%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A463%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827855%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.15d01702.1731215827.78ac472
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yWvpFPQEvOimTwk3HAwiuMeRDyMhwlr%2Fu0Kn%2FNZwK%2BVmXz0pQ%2FQyS7L9doHnAsW3470fHaZdpXtmJ5xveb85%2FfyGbTHsKFfcOJ%2Bh8kxDOmYPuwKHfWUhYf8RpJFRs9iM1QWNKBBWE6cV3Inlvwf4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1caebba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7336&sent=310&recv=106&lost=0&retrans=0&sent_bytes=326141&recv_bytes=21188&delivery_rate=78285&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4765&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
622 B 58ms
57ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D24%26efirst%3D0%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A463%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827855%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.3bd01702.1731215827.13bdd1d1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nlmJ80Ln%2B0e99CV%2FSaWLHR6QQLgkeb9lKrbSGzhlwBFCRYcZ8gB11shbfptqQtwc%2FDPluxU2t%2B23sgAhIm0%2BHoRtJgE%2BHqf%2BI0ccFIGEM%2BmcgDeUdRxuLkLM%2BQvTfxUsQOUr1MqS5hTPwYmPDQaCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1cb0bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7336&sent=312&recv=106&lost=0&retrans=0&sent_bytes=327424&recv_bytes=21188&delivery_rate=78285&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4770&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
616 B 53ms
52ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Ftrivia%3Fformat%3Djson%26id%3DHPQuiz_20241110_YucatanFlamingos%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A463%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827856%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.41d01702.1731215827.1f206ae1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gFiEgKlXu78oF%2FfsQB1fIW6vrS46r0zLaijnMVpbocfsGOH6AClaoYUZHsqO6x1kCXJgmDKomfG5g51IPwLhr7%2FXgYqEHHgwRawjybb55dKyabi%2BaNk4jDQbazCtxZULOeU%2FxX%2F4izDRNc21A3DZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1cb2bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7336&sent=309&recv=106&lost=0&retrans=0&sent_bytes=325501&recv_bytes=21188&delivery_rate=78285&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4765&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
621 B 63ms
61ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A464%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827856%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.3bd01702.1731215827.13bdd1d3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mXlS0vEuY7RppkQYlzXN7zF%2FvZ978gEbQwbZWW3%2FcUtCMtorjS%2BokELnos%2BTb6CCCLCxRnjBQ%2B8yG%2ByaMoKbuHdhV0ABAgJ9bJPAS%2Bq4H0RZS3C34QvdLJAP5vXEt4oSEAFA43R1LnpnA5RwCJW7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1cb3bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7060&sent=318&recv=108&lost=0&retrans=0&sent_bytes=331062&recv_bytes=21827&delivery_rate=56265&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4774&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
610 B 59ms
58ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22rms-answers-HomepageVNext-PeregrineWidgets%22%2C%22error%22%3A%22%22%2C%22time%22%3A464%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827856%2C%22Name%22%3A%22Importing%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.39d01702.1731215827.1b1cbc61
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AamaEM%2BXIuv7RvrPUIvbeCHhtyuU4IUsEmVnbPrwoJtrf1kV06PgWkU0ohM1zEU2pDg%2FnPEo8LZU9cGa2Emtdcwg8ifApippp0dDTtVUSvc7ovP3qQlt6ykGgSPg3qcrMfG9r0SH4rF2DUlEcaS0Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1cb5bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7336&sent=314&recv=106&lost=0&retrans=0&sent_bytes=328709&recv_bytes=21188&delivery_rate=78285&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4770&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
615 B 58ms
57ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A464%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827856%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.41d01702.1731215827.1f206ae4
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BYOjjLlz1u5ngOTsFwr4PGrefcia1FLMrARfMrrZtDR%2B3ETUvwZ9tgegjb7wpRfnHQrBeqMSSC2CDK0BdppcWGdqEcYYgcWd0WC%2FIAAfeTpOqWPagdauqeFk1gT%2Fxb9Z6HzGs79OjmXHlXhJSabIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c1cb7bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7336&sent=313&recv=106&lost=0&retrans=0&sent_bytes=328070&recv_bytes=21188&delivery_rate=78285&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4770&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bll21ZO27j3KPE27uQBxt24c2Fw.br.js Show response
r.bing.com/rp/ 552 KB
0 1ms
1ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/bll21ZO27j3KPE27uQBxt24c2Fw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0bd4e3aff07fa67e913ddcab8cf93980a472626a9c6043da546253700f344d52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: dOM7S1T00fPaBqtHxZNqEw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC63C057D2C3
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 17:44:26 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:40:16 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=131239
timing-allow-origin: *
x-ms-request-id: 55afecef-d01e-0018-7eb7-17c705000000
access-control-allow-origin: *
content-length: 86451
akamai-grn: 0.0cd01702.1729702286.9ce10a7, 0.56b31402.1731215827.1630911b
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 LDPtmbi_w4y1oa90D_hi6HqB1QI.br.js Show response
r.bing.com/rp/ 3 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/LDPtmbi_w4y1oa90D_hi6HqB1QI.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a6347b4c2628cedfeb5757743849800bcce481b54a8d351c2fc1f9b80d3d4c81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 5UPX20ax2WExB2sNDDWlCg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC60009B36FF
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 13:14:50 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:13:26 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=115063
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 3229abd4-f01e-0026-5101-187124000000
access-control-allow-origin: *
content-length: 1554
akamai-grn: 0.56b31402.1731215827.16309120
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 render Show response
gfhft42.pages.dev/notifications/ 37 KB
14 KB 117ms
116ms XHR
text/html 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/notifications/render?bnptrigger=%7B%22PartnerId%22%3A%22HomePage%22%2C%22IID%22%3A%22Bnp%22%2C%22Attributes%22%3A%7B%22RawRequestURL%22%3A%22%2F%22%2C%22Referer%22%3A%22https%3A%2F%2Fgfhft42.pages.dev%2F%22%7D%7D&IG=A740243CE30E46BBBA7D59C66EA1ACC9&IID=Bnp
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/LDPtmbi_w4y1oa90D_hi6HqB1QI.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432e0804947b0c2c8d41219415e7c20441f7b149f5d154338add4f9fe0bb7996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d3d83f43488f2a96d87eca0b5a
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
expires: -1
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6673&sent=550&recv=169&lost=0&retrans=0&sent_bytes=570378&recv_bytes=48278&delivery_rate=2260857&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4860&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
x-cdn-traceid: 0.16d01702.1731215827.6e2fb4d
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B7476690C7FC46EAA316D99669CCABB5 Ref B: FRA31EDGE0108 Ref C: 2024-11-10T05:17:07Z
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-bFAABh5diinlLJPc+WLRw17oPkvX1CmY+mY7s3O9NQM='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930c5cd3bba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H2 200 fRPi0Fb1vDrxqdzIfEwP1G-sDQw.br.js Show response
r.bing.com/rp/ 6 KB
0 1ms
1ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/fRPi0Fb1vDrxqdzIfEwP1G-sDQw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c01f1113020ec6201098a6690849ca3df40dcbc0f6fe9c7827fb616bbf8fa05b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: aaFACG/wrQSI1YwC6/zyMQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC648C07608A
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 14:44:24 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:45:58 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=120437
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 1da334c6-f01e-0026-5da6-167124000000
access-control-allow-origin: *
content-length: 2040
akamai-grn: 0.56b31402.1731215827.16309121
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 lmu8EBCaPRMKtay8LSArGyY3mv4.br.js Show response
r.bing.com/rp/ 1 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 5aqSHeuG+BOAJrucJAgg+w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC65EBC9AAE4
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 21:16:57 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:55:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=316790
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: de9e8402-a01e-0053-3e78-17f69f000000
access-control-allow-origin: *
content-length: 5
akamai-grn: 0.56b31402.1731215827.16308f62
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js Show response
r.bing.com/rp/ 1 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f332b88324f67c9deb79ca7d33bd57f161e39567e774e4fdd5c0509205e60b9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 1nLWdicDwxe3KsJ1SxmxmQ==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCEC87979A4FF0
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 21:35:40 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 19:37:08 GMT
vary: Accept-Encoding
cache-control: public, no-transform, max-age=58713
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: c89e97d6-201e-007b-36ca-2f8834000000
access-control-allow-origin: *
content-length: 622
akamai-grn: 0.56b31402.1731215827.1630912a
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 kdaXFKcmbJ_ZSIFJtGtj5iaX3Rs.br.js Show response
r.bing.com/rp/ 5 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/kdaXFKcmbJ_ZSIFJtGtj5iaX3Rs.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d367ea014ef1c234179a9060527687703c3c72ecb530ab733aa08b61144286fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yv1o3px24LghjlwhG91WGA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC659E335614
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 08:17:16 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:53:38 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=183609
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: c48922ab-401e-001d-6c95-18337a000000
access-control-allow-origin: *
content-length: 2385
akamai-grn: 0.56b31402.1731215827.1630912b
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 xrUJJ8sN8ucbiFbMJle3n0IfRwU.br.js Show response
r.bing.com/rp/ 257 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/xrUJJ8sN8ucbiFbMJle3n0IfRwU.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a5b4181611e951faecd6c164d704569c633e95fe68d3d1934b911a089ebf70e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: JiWcdaDQ1Cccduc8L4eReg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC687B0F78AF
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 23:26:53 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 07:14:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=151786
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: de9f7e7e-a01e-0053-7079-17f69f000000
access-control-allow-origin: *
content-length: 151
akamai-grn: 0.56b31402.1731215827.1630912c
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 203 l
gfhft42.pages.dev/fd/ls/ 2 B
699 B 39ms
38ms Image
text/xml 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ot9UN6K6WzVv%2BiF93bblexGI%2BUnVHciIq0pjlRuo3Ed68RdG5wjcgLurKYaQMlZJ4j39V1h7C6uoKr%2FMUWdcbNUKlUnhUlbewWGPntQc7OMm6RgXupC7aUZ9zSfpC%2Fx177Y4uqjnuDCjh1i0MHlxuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6796&sent=367&recv=122&lost=0&retrans=0&sent_bytes=375456&recv_bytes=26993&delivery_rate=2632631&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4802&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/xml
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.33d01702.1731215827.10e82c0e
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e03930c7cdebba3-FRA
mime-version: 1.0
content-length: 2
server: cloudflare

GET
H2 200 LXu4eYVt3NhFk3Ud9ZbhZ_PYFaA.br.js Show response
r.bing.com/rp/ 426 B
0 1ms
1ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/LXu4eYVt3NhFk3Ud9ZbhZ_PYFaA.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3ed65f33193430c0b9db61ffe7f5fe27b29f86a28563992c3afc47d4c22c23d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: QTej8D3Nf9S3dS9wyAdElQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC600E9B2277
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 18:56:00 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:13:49 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=49133
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: be1a3135-f01e-0062-5a5e-15ad48000000
access-control-allow-origin: *
content-length: 238
akamai-grn: 0.56b31402.1731215827.1630912d
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 JXkjDPywJD9oeuWPLy7bD8Jc6mw.br.js Show response
r.bing.com/rp/ 423 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/JXkjDPywJD9oeuWPLy7bD8Jc6mw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: af8c36defed55d79106513865f69933e546e1e4c361e41c29f65905ded009047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: Dsb9bELHm1DHL/PEEhsR3g==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCDC5F9EF7BA5F
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 10:04:46 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:10:42 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=103659
timing-allow-origin: *
x-ms-request-id: 0f146ab1-e01e-0032-7324-1bb240000000
access-control-allow-origin: *
content-length: 290
akamai-grn: 0.15d01702.1729313675.b0c4911, 0.56b31402.1731215827.1630912e
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 ilbkF5vv0sk3tJ8LDY0Nm39p12g.br.js Show response
r.bing.com/rp/ 425 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/ilbkF5vv0sk3tJ8LDY0Nm39p12g.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 08021ed3bca5532304b597e636beb939ff7baa6d08dca4e94c0dde1fdf940389

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: mOWXO8D36JvtqS/wRuZISQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC65377BDEB5
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 01:45:36 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:50:46 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=160109
timing-allow-origin: *
x-ms-request-id: f72e5903-301e-003b-49bc-17a8ce000000
access-control-allow-origin: *
content-length: 258
akamai-grn: 0.05d01702.1728637785.9d3b4b3, 0.56b31402.1731215827.1630912f
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 OCtnrJQ3aJVfEzdQOhoPYEPIYE0.br.js Show response
r.bing.com/rp/ 22 KB
0 1ms
1ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/OCtnrJQ3aJVfEzdQOhoPYEPIYE0.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 78aa31d0b825a124c7ca14f4fe049560d1bdd186e8cdd7785be87c1d005384e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: mIcl6ojhBI+ViFkAi8D5vw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCF8AA35C6F992
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 10:03:12 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Wed, 30 Oct 2024 06:15:11 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=189965
timing-allow-origin: *
x-ms-request-id: aee4d046-d01e-0013-23e9-2adf71000000
access-control-allow-origin: *
content-length: 9011
akamai-grn: 0.39d01702.1730319329.19895f9f, 0.56b31402.1731215827.16309130
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 203 l
gfhft42.pages.dev/fd/ls/ 2 B
699 B 71ms
71ms Image
text/xml 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DA740243CE30E46BBBA7D59C66EA1ACC9%26%22%2C%22format%22%3A%22dom%22%2C%22status%22%3A200%2C%22time%22%3A529%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827921%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmtXCfclb84117VWkYC5xHnKDNheGc82VtshG4fqInH%2BUMjUQn66mx6on5AEhiX6x0LPhnD4AYX8K1hltvaQH0fX2AGZAquuUkZI%2B3sua2YgmzLt5OAtKo2f%2F2erVG%2F9JXGzzyN6MavIRPu%2BLSdtaw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6555&sent=380&recv=158&lost=0&retrans=0&sent_bytes=378489&recv_bytes=45644&delivery_rate=43304&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4849&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/xml
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.02d01702.1731215827.1d1648ef
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e03930c8ce7bba3-FRA
mime-version: 1.0
content-length: 2
server: cloudflare

GET
H2 200 MjkKTrIX9w2UKVd1W1WV1Gj2zWM.br.js Show response
r.bing.com/rp/ 938 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/MjkKTrIX9w2UKVd1W1WV1Gj2zWM.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f2c5677d58718ae60f7f4e98351643afeb8ad7fdfe4b2b6af0b7b63108cb7071

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: YFrAklqNwGuL+H5Q5yxZnw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCDC604D6BCADD
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 15:06:29 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:15:35 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=35362
timing-allow-origin: *
x-ms-request-id: 9c9ff1d5-801e-0066-528e-1558ca000000
access-control-allow-origin: *
content-length: 512
akamai-grn: 0.1cd01702.1729853994.19f75053, 0.56b31402.1731215827.16309131
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
614 B 66ms
65ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22rms-answers-HomepageVNext-PeregrineWidgets%22%2C%22error%22%3A%22TypeError%3A%20Failed%20to%20fetch%20dynamically%20imported%20module%3A%20https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22time%22%3A532%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827924%2C%22Name%22%3A%22ImportError%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.3bd01702.1731215827.13bdd221
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7sksCQvSbpVhIGuLZIE716toOElDra%2Frtd9BfsLAlH06PeQ4b05fV7m9Xen7iq9GuSkwuP492ZHMbBImfcgKn1dvk3ls1eHZZ70IxFPmVk7R7wK78yAKh%2BzzD%2FT1Krk7ruqoPpRNrPeOPJDCutycg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c8ce9bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6697&sent=377&recv=156&lost=0&retrans=0&sent_bytes=377799&recv_bytes=45114&delivery_rate=92347&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4846&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 203 th
gfhft42.pages.dev/ 2 B
696 B 56ms
55ms Image
text/xml 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.YucatanFlamingos_DE-DE2009828774_1920x1080.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GMk%2Btim3zy10y0srv0zrBG%2FlNR9XaeRBQhtoXynawdolWm89yqBGFCeSDo%2BnB93acmzzhGWxy0GIomnOi0gqVRqjO3A2LM15ThlNFSmkUYqUf4bhUUKbVuu20tsCjy8o7f25nw9vBRtu9bWA9EM%2FhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6697&sent=375&recv=156&lost=0&retrans=0&sent_bytes=376358&recv_bytes=45114&delivery_rate=92347&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4840&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/xml
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.31d01702.1731215827.e8fe3e1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e03930c9cecbba3-FRA
mime-version: 1.0
content-length: 2
server: cloudflare

GET
H2 200 5
platform.bing.com/geo/REST/v1/Imagery/Map/RoadVibrant/19.55111,-89.29639/ 18 KB
19 KB 126ms
73ms Image
image/png 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.bing.com/geo/REST/v1/Imagery/Map/RoadVibrant/19.55111,-89.29639/5?key=AsSOKo7OOz5VAtfAj0rjgaXlhCrCZI6PGbLj7GCH8IW2HUalyg4BVhqA0z77PRCj&c=de-DE&od=2&shading=flat&pp=19.55111,-89.29639;S9;Halbinsel%20Yucat%C3%A1n,%20Mexiko&st=pp|v:false;lv:false_trs|v:false;lv:false&ml=Basemap,Landmarks&logo=no&mapSize=386,434&da=ro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 95e14855ec11d2c5d0080c6fc0339b285204774575748c59c8d1aef4252a8f11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-ms-bm-ws-info: 0
x-bm-fe-elapsed: 22
cache-control: public, max-age=600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A59309A269704046B5209B2C63C271BE Ref B: FRA31EDGE0122 Ref C: 2024-11-10T05:17:07Z
access-control-allow-methods: POST, GET, OPTIONS
x-bm-srv: mapsplatform-frontend-57875d957f-lb44g, mapsplatform-imagery-service-679f49b88d-qnq8w
access-control-allow-origin: *
x-bm-traceid: a59309a269704046b5209b2c63c271be
x-cache: CONFIG_NOCACHE
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
access-control-allow-headers: Content-Type,X-FD-Features,X-FD-FLIGHT,PreferAnonymous

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
619 B 61ms
60ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22time%22%3A544%2C%22T%22%3A%22CI.Error%22%2C%22TS%22%3A1731215827936%2C%22Name%22%3A%22ImportedWidgetModuleErrorEvent%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.0cd01702.1731215827.16b0fe7d
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6a9dx4DC79DYC85l%2Fmf3kVVzAUdChGDkozHnM7RIgg86RdvSmAJ4uKyriM7y%2BWldrDvk6s4DAoy64Zjk%2F4tdvMRl9zuqlSkwEGAyPNevUnz%2FUs4VNAOKF7Ld368q3QHDM5SDasB6SswtxQ5%2FFCM4LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c9cf3bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6555&sent=383&recv=159&lost=0&retrans=0&sent_bytes=379875&recv_bytes=46722&delivery_rate=43304&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4850&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
622 B 74ms
74ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DA740243CE30E46BBBA7D59C66EA1ACC9%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A545%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827937%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.16d01702.1731215827.6e2fb5b
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7cdBUlS2%2FXQIt1EbsIqCeoh7Z41WlmpD%2Bv%2FlHN%2B5rMPrtfbHkJQZKlrkd44rSGxKzs8CAKflzpahPoX9jAnMwdJrEYamitW9z5PHsrKXXM2s6N8K0IO8ctIXIKWfxFVvKJjncH12ImTn%2F4%2BOlTZ%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c9cf5bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6710&sent=591&recv=170&lost=0&retrans=0&sent_bytes=617429&recv_bytes=48369&delivery_rate=2405683&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4861&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js Show response
r.bing.com/rp/ 1 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: wQmZQwuzNQKGWvk013IgpA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5F1663B480
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 17:27:09 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:06:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=130202
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 935d8deb-c01e-000c-102a-150461000000
access-control-allow-origin: *
content-length: 714
akamai-grn: 0.56b31402.1731215827.16309132
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
619 B 59ms
59ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D24%26efirst%3D0%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A545%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827938%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.41d01702.1731215827.1f206b0c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QVxdyp6TfdFBXn6sumcMkFzdn3rTQz%2BVEsyiGn05ozCOioFThTWVYWoEfFuNYPHkghbdlGM%2FDNqQx0qEVCkAAzsfxh%2BwFvR%2BPm4sWPvt1ylXOJzCdcYpf3F46MEld%2BLzkO9YAJL4dlR845wnrqMqUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c9cf9bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6555&sent=385&recv=160&lost=0&retrans=0&sent_bytes=380543&recv_bytes=47449&delivery_rate=43304&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4851&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
614 B 55ms
55ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Ftrivia%3Fformat%3Djson%26id%3DHPQuiz_20241110_YucatanFlamingos%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A546%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827938%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.16d01702.1731215827.6e2fb59
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5m0RUMZNPK1EUEaLhvtM3bmJcIVTpZYJpPtpMRQAkgX5xsNJnpo0Jk%2FRLK65Ptn8OT5NEqRQtWptbpXRLNukM4e1obCoWe%2FzeiId8MuUsa%2BZdlpg7nz9W7c8l3HWYL660xat8PI4ELftkGvQAudu4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930c9cfbbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6555&sent=381&recv=158&lost=0&retrans=0&sent_bytes=379212&recv_bytes=45644&delivery_rate=43304&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4849&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
619 B 75ms
74ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A546%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827939%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.3bd01702.1731215827.13bdd223
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bz4VUiyp9zNB9p1A0ViTJVxSMBnsNv9FesecO2b0Mt0KRoI9%2FoOROqxrCGguYI5VijnwrVJun%2FfFALccZzZSOlqOJ%2BhKUZAfz5PABuOMknCIemll0Pj%2FbuiBLZk5C%2Fs5R0FlDsSyB59OFt2EIMyUig%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930cacfdbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6710&sent=601&recv=170&lost=0&retrans=0&sent_bytes=629429&recv_bytes=48369&delivery_rate=2405683&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4862&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
618 B 70ms
70ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A547%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827939%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.39d01702.1731215827.1b1cbcdf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aA1EIPEFQ3NzLLf4eksjZsDm0x%2B%2BZgpCmD3x4xHc1qbR3sGmPLV5ULFMAnC5VFMIMPjCKc882D411422whZClg7xXpujEpTizoZ4xIGxJQ0lhPy5L%2B%2Fy82wkAiTmirIttxsYqsCCJvJSxmh5psBYMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930cacfebba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6673&sent=552&recv=169&lost=0&retrans=0&sent_bytes=572383&recv_bytes=48278&delivery_rate=2260857&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4861&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 893 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f68f6ccbdb57c7e73b51ed5c2e36fd37be5febc107a35cbd58ae4cab451c6a42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 203 momentsintime Show response
gfhft42.pages.dev/hp/api/v1/ 2 B
697 B 37ms
37ms Fetch
text/xml 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/hp/api/v1/momentsintime?format=json&ssd=20241109_2300&
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2BZ5KEFfrpV2JGmE8VxDd5ncz%2BYQqWsFrKlkdlooaC9J09qtwjm0bYlHFH7um2UNajT3QS4jC1fmU3dScY%2FYGf9Cp78ah78CqTCKITo7RPNGNzF0uDfrb6WrU2EYDmogJ3drBG1v2wJLRd30s5VWTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6697&sent=375&recv=156&lost=0&retrans=0&sent_bytes=376358&recv_bytes=45114&delivery_rate=92347&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4840&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/xml
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.02d01702.1731215827.1d1648fb
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e03930cbd08bba3-FRA
mime-version: 1.0
content-length: 2
server: cloudflare

GET
H3 200 imagegallery Show response
gfhft42.pages.dev/hp/api/v1/ 14 KB
7 KB 70ms
70ms Fetch
application/json 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/hp/api/v1/imagegallery?format=json&ssd=20241109_2300&
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/rhoAAnBKNrjuZ6KOQW4ihvA6Uvo.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fcf07ab124ece4d9c0f96f53464f1ab9f0cb377d693514d0ab11be996517f9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d38cb441329e24a3a8946c6f5c
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6404&sent=787&recv=183&lost=0&retrans=0&sent_bytes=843855&recv_bytes=48954&delivery_rate=11497743&cwnd=264000&unsent_bytes=0&cid=f2d8158537210ecc&ts=4867&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private
x-cdn-traceid: 0.0cd01702.1731215827.16b0fe86
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-5GBLAAMKH77F+R6jDacSKjaNqB3LdKAv32p/AFpKSrg='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930cbd09bba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
618 B 59ms
59ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D24%26efirst%3D0%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A559%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827951%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.02d01702.1731215827.1d1648f2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FeJ%2Bmrd0M3IjrmbLiM7rD89DiYwt937%2Bf3pmIrOjNvpD3ByK7vuORM9w3AGRUXTyGVaQBCMkb70IZ9vKIWYPblIuCuJYQ48EUN19eeJb2LXW%2FWbiU%2F4gs8aPgtA2TCaOGw9YGUaqfINPTLGWP4w4A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930cbd0cbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6710&sent=589&recv=170&lost=0&retrans=0&sent_bytes=615587&recv_bytes=48369&delivery_rate=2405683&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4861&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
618 B 73ms
72ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Ftrivia%3Fformat%3Djson%26id%3DHPQuiz_20241110_YucatanFlamingos%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A559%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827951%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.15d01702.1731215827.78ac4bf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2qvq6LVyZ1XfqZZwLXLBeES3xIbDNdSlsOxm8%2BNb7wPG8hMtttYxOdeezLPFj5wodfO5MmAW7%2BkiEC572IxB64j4eDL0wWO3Fo2NecB4wZgcZrVku%2BHCzE9jzbx2oSo28cHorwArf9NXjyKorCKWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930cbd0dbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6560&sent=898&recv=189&lost=0&retrans=0&sent_bytes=971436&recv_bytes=49224&delivery_rate=21994340&cwnd=304800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4871&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 n21aGRCN5EKHB3qObygw029dyNU.br.js Show response
r.bing.com/rp/ 2 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: hRrTe9xFPcEQGLGPgVvjhw==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC66220B7293
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 07:58:21 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:57:19 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=96074
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 4f538754-801e-000b-56d9-15f2e4000000
access-control-allow-origin: *
content-length: 806
akamai-grn: 0.56b31402.1731215827.16309133
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 th
gfhft42.pages.dev/ 44 KB
45 KB 38ms
38ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_9RSlwlcegBsTNnqhQNKBIA&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ab43ba6d5ed8b585f8575c86f6a11e16311ab97ddd4fcf93288f01fb691a9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6485&sent=456&recv=161&lost=0&retrans=0&sent_bytes=462462&recv_bytes=47494&delivery_rate=62112&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4856&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215827.78ac4bc
cf-ray: 8e03930ccd15bba3-FRA
access-control-allow-origin: *
content-length: 45474
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 34 KB
34 KB 35ms
33ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_MrJ5BmxrqyF6aYlUfW5V2A&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acf35a6e6ebf6cc558d38f00a62807fbaa4de983055426ecfe1a450644f2a6c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6555&sent=385&recv=160&lost=0&retrans=0&sent_bytes=380543&recv_bytes=47449&delivery_rate=43304&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4851&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.3bd01702.1731215827.13bdd230
cf-ray: 8e03930ccd16bba3-FRA
access-control-allow-origin: *
content-length: 34471
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 42 KB
43 KB 53ms
50ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_CMcMlShDLQikbYP21X0kig&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f82b79015592b102db1a3baa4e33a152cceb2f7d41f539b0b24b34be3b7261d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6565&sent=657&recv=175&lost=0&retrans=0&sent_bytes=693193&recv_bytes=48594&delivery_rate=16508936&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4864&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.3dd01702.1731215827.755e5ba
cf-ray: 8e03930ccd17bba3-FRA
access-control-allow-origin: *
content-length: 42985
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 47 KB
48 KB 52ms
49ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_7S7RySkKhEMuvig5fACnwg&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7767d90aeae41a14cf3e4f8029dbe42598766bf02df77700c4068620b8539deb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6565&sent=605&recv=175&lost=0&retrans=0&sent_bytes=632119&recv_bytes=48594&delivery_rate=16508936&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4863&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215827.78ac4c3
cf-ray: 8e03930ccd18bba3-FRA
access-control-allow-origin: *
content-length: 48626
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 42 KB
43 KB 36ms
33ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_bCJ5IXnrIhS4qJVvS8oYQw&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0baa339c64fa0e698c90f8ef5bfcee39682c17f3241c25147e17d37b6eb44fb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6555&sent=417&recv=160&lost=0&retrans=0&sent_bytes=417749&recv_bytes=47449&delivery_rate=43304&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4852&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215827.78ac4c4
cf-ray: 8e03930ccd1abba3-FRA
access-control-allow-origin: *
content-length: 43110
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 53 KB
53 KB 52ms
49ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_FYH9MBzTQtLmJwKk68Xd5A&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5a0048e3c18238c1d20834300da0113b2701cf121107eb69994c0d8f301c1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6710&sent=591&recv=170&lost=0&retrans=0&sent_bytes=617429&recv_bytes=48369&delivery_rate=2405683&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4861&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.3bd01702.1731215827.13bdd239
cf-ray: 8e03930ccd1cbba3-FRA
access-control-allow-origin: *
content-length: 54185
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 46 KB
47 KB 41ms
38ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_u99MnOxdl5O3UoAWZN29Cg&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63fe4b5d74d906b6d61760f2d11348510302c3dedbd8b0bb8c66c82a55c8b7cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6471&sent=497&recv=162&lost=0&retrans=0&sent_bytes=509593&recv_bytes=47538&delivery_rate=57634&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4857&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.16d01702.1731215827.6e2fb63
cf-ray: 8e03930ccd1dbba3-FRA
access-control-allow-origin: *
content-length: 47060
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 40 KB
41 KB 43ms
40ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_L_hLoyt2BPL-l1ogI2d1Pw&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8878944d3c11b5587da4709cc04fe8469102ee6ecbda392d4b4455538d5805e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6396&sent=540&recv=166&lost=0&retrans=0&sent_bytes=558378&recv_bytes=47714&delivery_rate=1373298&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4859&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.16d01702.1731215827.6e2fb69
cf-ray: 8e03930ccd1ebba3-FRA
access-control-allow-origin: *
content-length: 41014
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 45 KB
45 KB 56ms
53ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews__i59oHpGozUsRz9d5pynbQ&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cce4730b635dfb240085ec6abd2344345d9e94f979e580f87ec8356a8e8721f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6611&sent=736&recv=179&lost=0&retrans=0&sent_bytes=784386&recv_bytes=48774&delivery_rate=13434993&cwnd=229200&unsent_bytes=0&cid=f2d8158537210ecc&ts=4866&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.39d01702.1731215827.1b1cbcfb
cf-ray: 8e03930ccd20bba3-FRA
access-control-allow-origin: *
content-length: 45795
server: cloudflare

GET
H3 203 th
gfhft42.pages.dev/ 2 B
702 B 35ms
32ms Image
text/xml 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_EGevbQREOoju89KrMHlN1g&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzLvbiPj7opsfBK9irIJReKTvOw1nCZ2DYux24mtOP8z49OMmF%2FzzECFGC39RLRGyBiq8F1%2BTeIxakMP3jcjRLU%2FOFxGiaxvFBIu%2BDQlRsTBAuWDLBh6e7vrmkZ9Z00WiE5TRdmc%2FChWNxIt3ejNBw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6555&sent=385&recv=160&lost=0&retrans=0&sent_bytes=380543&recv_bytes=47449&delivery_rate=43304&cwnd=136800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4851&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/xml
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.33d01702.1731215827.10e82c51
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e03930ccd21bba3-FRA
mime-version: 1.0
content-length: 2
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 33 KB
34 KB 47ms
45ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_OUx-Pg2vUBpBMUrkIkuKVQ&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06ebe9f300384efacd12100d077c356b8ac452c60c11ed2a16985ffbfcdcc66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6396&sent=533&recv=166&lost=0&retrans=0&sent_bytes=550386&recv_bytes=47714&delivery_rate=1373298&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4858&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215827.78ac4c9
cf-ray: 8e03930ccd22bba3-FRA
access-control-allow-origin: *
content-length: 34044
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 47 KB
47 KB 71ms
69ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_ILCAihrV8ZgTPPI1FdwrgA&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904176d5eed3e702517406d78ba2dfdbd70f78da890e9cf032406ac53edbcd6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10920&sent=1057&recv=210&lost=0&retrans=0&sent_bytes=1154542&recv_bytes=50179&delivery_rate=23618798&cwnd=393600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4881&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.3dd01702.1731215827.755e5bf
cf-ray: 8e03930ccd25bba3-FRA
access-control-allow-origin: *
content-length: 47645
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 41 KB
42 KB 57ms
54ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_j6ooQhYqcUznlRMUVJpN2Q&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97340d9eccbe1941717f3c40491e15a848abbcf4ccc25e5ee13dbd78e1993f7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6710&sent=601&recv=170&lost=0&retrans=0&sent_bytes=629429&recv_bytes=48369&delivery_rate=2405683&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4862&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215827.78ac4cd
cf-ray: 8e03930ccd27bba3-FRA
access-control-allow-origin: *
content-length: 42409
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 46 KB
46 KB 59ms
57ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_TZkLmvTruh2MiegsR7ijMA&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece56ee3b84bc191bcf0720255b59798c9be50d4d23e96a730f1d14f5873052f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6673&sent=550&recv=169&lost=0&retrans=0&sent_bytes=570378&recv_bytes=48278&delivery_rate=2260857&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4860&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.39d01702.1731215827.1b1cbcf7
cf-ray: 8e03930ccd2bbba3-FRA
access-control-allow-origin: *
content-length: 46609
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 49 KB
50 KB 61ms
59ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_KHso69I_W3CaQaQF7iIovw&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7982cc778e2e492587af7a6ae279201d27cba6b3cffc130276c897a9c980e0e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6489&sent=877&recv=188&lost=0&retrans=0&sent_bytes=947436&recv_bytes=49179&delivery_rate=20313704&cwnd=292800&unsent_bytes=0&cid=f2d8158537210ecc&ts=4870&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.39d01702.1731215827.1b1cbd01
cf-ray: 8e03930ccd2cbba3-FRA
access-control-allow-origin: *
content-length: 50159
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 37 KB
37 KB 73ms
71ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_UNS6kspEndPXmv8Ac8h1Lg&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e84dc68cd83251cfc543bcaf4dd4fba1ee3a8e6584c90e7e050260515416e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6673&sent=550&recv=169&lost=0&retrans=0&sent_bytes=570378&recv_bytes=48278&delivery_rate=2260857&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4860&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.0cd01702.1731215827.16b0fe9c
cf-ray: 8e03930ccd2dbba3-FRA
access-control-allow-origin: *
content-length: 37764
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 53 KB
54 KB 63ms
61ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_jzYanziG7XGeqJn0KSh9-w&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29996d18fe8a760be8ca04f8d9de245e8999cdf6efcfac0f2cccfbc9cf35bf4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6565&sent=603&recv=175&lost=0&retrans=0&sent_bytes=630276&recv_bytes=48594&delivery_rate=16508936&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4863&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215827.78ac4d2
cf-ray: 8e03930ccd2ebba3-FRA
access-control-allow-origin: *
content-length: 54527
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 51 KB
51 KB 75ms
73ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_Iyaff3X866K3jVVSqfmHjg&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e83502c07bd4e46b3681a468d0eeab4fb9dde6bb58c777b42f7770a58362175

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11470&sent=1133&recv=226&lost=33&retrans=33&sent_bytes=1241778&recv_bytes=50915&delivery_rate=27097039&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4887&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.02d01702.1731215828.1d164921
cf-ray: 8e03930ccd30bba3-FRA
access-control-allow-origin: *
content-length: 52016
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 51 KB
52 KB 68ms
66ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_xrXPOKghP4WhIxB_JFmZug&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1a08ed626350a76cd1e2f9a79da222602aac8bf22f6884c271faeb8eac47dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6551&sent=756&recv=180&lost=0&retrans=0&sent_bytes=807978&recv_bytes=48819&delivery_rate=9887052&cwnd=241200&unsent_bytes=0&cid=f2d8158537210ecc&ts=4867&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.05d01702.1731215827.867b21a
cf-ray: 8e03930ccd32bba3-FRA
access-control-allow-origin: *
content-length: 52714
server: cloudflare

GET
H3 203 th
gfhft42.pages.dev/ 2 B
704 B 79ms
77ms Image
text/xml 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OPN.RTNews_C6hKVl4gwFQ9MQHIepbYrQ&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7XHhZ7j84cKYRoZgkJ%2Fum1FpI%2B9pIdjXHoTnLdvVoRPQoz4ESuTNWaZnXKzFDMq5mSS3d0MF3mMFGIMVEJS4huJHqBDkzczmz%2FDdq%2FD6aq52VPQ1ndR5aFkblrnRoF9ULgKvBTlmK2GNgnjcM2RzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6565&sent=603&recv=175&lost=0&retrans=0&sent_bytes=630276&recv_bytes=48594&delivery_rate=16508936&cwnd=183600&unsent_bytes=0&cid=f2d8158537210ecc&ts=4863&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: text/xml
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.02d01702.1731215827.1d16490a
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e03930ccd34bba3-FRA
mime-version: 1.0
content-length: 2
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
625 B 84ms
82ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A570%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827963%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.39d01702.1731215827.1b1cbd02
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLxof%2BZOUmYfwtVbnNNzkL%2B%2BKP0pAUXYndMFMVWyJe3YSd82ZgxqcLIjcCmNtacRB%2Fo3gw7Oo4C9aM8SNVFQ2j6R8UsW3X%2Bw89PPY%2FrMyzUIORc7tKXgkeGDtY7aaXS9b5OjjqC0s20wTJITOFz1WA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ccd35bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=10614&sent=1187&recv=249&lost=37&retrans=36&sent_bytes=1299072&recv_bytes=53711&delivery_rate=15058143&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4901&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
616 B 108ms
106ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22carousel%22%2C%22count%22%3A20%2C%22time%22%3A570%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827963%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.39d01702.1731215828.1b1cbd34
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhMycwIHAAx4iaFF48zYpio27Ny7seCvnCd5lvaESFFlU9fGUF7fDo7q%2FYbn89QE0z5JE4vP%2FhGhgUXlLsD4gzCppxKzpMaLyIFJ0TUZhh9sStkLhYMejFZrKaA3w16xiLeYTmPiGMpG0xp8LHCNLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ccd36bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=8479&sent=1200&recv=262&lost=37&retrans=36&sent_bytes=1305722&recv_bytes=58655&delivery_rate=61103&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4925&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
622 B 95ms
93ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20241109_2300%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A571%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827963%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.02d01702.1731215828.1d16492a
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAzoCql8%2FEn0zz9WGFkFDfiReVqluJdTXYURcbCe1TUnuGK6F%2Ffga8lr9gnl%2FZ5z4toZbLceH4xQGmK7rEz%2BK%2BOzNCDAbPWgbWd6Mp165RXpD8yLKjHtJlAho4XEy%2BIBeOG31YUolabFhDlu7fZviA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ccd37bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=9648&sent=1191&recv=251&lost=37&retrans=36&sent_bytes=1301659&recv_bytes=53800&delivery_rate=191461&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4910&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
625 B 85ms
83ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20241109_2300%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A571%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827963%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.39d01702.1731215828.1b1cbd0e
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wL9lBjDjAb%2BCVDTJoWRm1u8PQofoPVu4rnj6twFYxKqQUsmgxC0LUkWe69anD%2BzAjZwnFxPsM0hw6T22rDhai5fqJS%2FVQ5BVj1OF7wY23SXAQb8E1rOxgbxjFoB%2BrM1fvJhE%2B3OHJwDCScTp9Y%2FbBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ccd38bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=10614&sent=1188&recv=249&lost=37&retrans=36&sent_bytes=1299721&recv_bytes=53711&delivery_rate=15058143&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4901&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
621 B 88ms
86ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A571%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827963%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.05d01702.1731215828.867b22b
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjvcv%2BfPWuerFbcIt4Y2snmn73P5fPOk9%2BRSIo4qS2yyFFgE8XAv0pr8LO%2B1TBqojF6XXsufnLUm6vx26w2VqBwFhwl9Ho%2FKXz4obfpO6noAJRWDWqeIzDGs4Rqoso%2BOAkE1vfN0OqL670FVnYKhow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ccd39bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=10048&sent=1189&recv=250&lost=37&retrans=36&sent_bytes=1300370&recv_bytes=53756&delivery_rate=6497219&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4904&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
621 B 78ms
77ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22carousel%22%2C%22count%22%3A1%2C%22time%22%3A571%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827964%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.0cd01702.1731215828.16b0feaa
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JkG%2FJNWmSfoJzwrc1JmcMPZn0QM2RLDf9ADPeSKOxJOcpOP15vUzoDSxjr9RbTRZTyeuS6G02r9ejVtXlJEFkoMVzRxOTRLnwfkOIjQ3gBTPvtllHLbm%2Fh9rWiA6JyFC9KxayPmQKv29ZGb2cooYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ccd3bbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=10951&sent=1183&recv=239&lost=37&retrans=36&sent_bytes=1298355&recv_bytes=51919&delivery_rate=15858894&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4895&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 f21jlSMmEDN43OaavcdaB-7Phq0.svg
r.bing.com/rp/ 1 KB
1 KB 9ms
9ms Image
image/svg+xml 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.bing.com/rp/f21jlSMmEDN43OaavcdaB-7Phq0.svg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 006563db23523a6369d81fcfa6f3515f0317cf651d74024635d2bfbe694779b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: XoNKd1w7P5P4P3xI5ShiVw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCDC648095883C
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 13:43:50 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:45:39 GMT
content-type: image/svg+xml
cache-control: public, no-transform, max-age=203203
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: 93bb0f37-701e-001e-0352-19307d000000
access-control-allow-origin: *
content-length: 1111
akamai-grn: 0.56b31402.1731215827.163093bb
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 8CgcSSLayxEVUBf0swP_bQGMId8.br.js Show response
r.bing.com/rp/ 226 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 0ApKmxnWdlgJ/r3VvxbmFQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5D2377F40E
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 15:31:44 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 05:52:56 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=209677
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 900b7e4f-301e-0030-31d8-15b0ba000000
access-control-allow-origin: *
content-length: 156
akamai-grn: 0.56b31402.1731215827.16309134
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
619 B 156ms
156ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22Count%22%3A20%2C%22time%22%3A577%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1731215827970%2C%22Name%22%3A%22ProactiveTrendingNowTiles%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.3dd01702.1731215828.755e5d8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UnS%2BcLrM9vxtTdIdbILoqzuVYNjaUyBw2KrbtfPihz%2BOlC9GinKK%2B9EOZNHEv873m543uS1dQvXC6rVWNmMSxgXuScruDz2C4AD2fwhOD3vY0vZW4droyiyTWemQGLrtl0EX259%2BUbLtmLDCUmeFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ccd3cbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=8355&sent=1355&recv=285&lost=52&retrans=51&sent_bytes=1473938&recv_bytes=60758&delivery_rate=2645&cwnd=192864&unsent_bytes=0&cid=f2d8158537210ecc&ts=4982&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js Show response
r.bing.com/rp/ 576 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: xl2SFLZCQEcsZUNAUSfMmA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC6241BA29EA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 09:28:05 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:29:34 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=274258
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: ef8ced86-c01e-0048-79ce-17d80d000000
access-control-allow-origin: *
content-length: 368
akamai-grn: 0.56b31402.1731215827.16309135
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 C7TuoP5bfHv-CZlMHZy7yfvI4Fk.br.js Show response
r.bing.com/rp/ 328 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/C7TuoP5bfHv-CZlMHZy7yfvI4Fk.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 243d212a9ff764ccda9b19c3c823b2f408a0718e56a3e7a8b5b533e108db56cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: QIcJkitTo2dw/Udpu2lXSg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5E15C3381C
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Fri, 15 Nov 2024 04:16:27 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 05:59:42 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=428360
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: e289b1fa-d01e-0013-1933-17df71000000
access-control-allow-origin: *
content-length: 203
akamai-grn: 0.56b31402.1731215827.16309136
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H/1.1 200
OK authorize
login.microsoftonline.com/common/oauth2/ Frame B124 0
0 211ms
62ms Document
text/html 2603:1027:1:d8::9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=e7552844-42b1-458a-beb6-340890a12af3&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22A740243CE30E46BBBA7D59C66EA1ACC9%22%7d

Requested by

Host: r.bing.com
URL: https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1027:1:d8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfhft42.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 701
Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-LsJYMSeoyu161g_ofQjrKg' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net 'report-sample'; img-src 'self' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Nov 2024 05:17:07 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.19343.4 - WEULR1 ProdSlices
x-ms-request-id: 5787cef9-639c-466d-b233-9de8c38a3000
x-ms-srs: 1.P

GET
H2 200 _2I169N92jVtSc_VEsV0nma5sRY.br.js Show response
r.bing.com/rp/ 622 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a0a1cee602080757fbadb2d23ead2bbb8b0726b82fdb2ed654da4403f1e78ef1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: Ij6CMW7d9STrT+a4Nf7dFA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC63331FF483
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 19:14:49 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:36:19 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=136662
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: ea381d3c-001e-0055-3769-1701e7000000
access-control-allow-origin: *
content-length: 312
akamai-grn: 0.56b31402.1731215827.16309137
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js Show response
r.bing.com/rp/ 924 B
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: rSmdN6tN5TS/1yEQ8Z6pNA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC64B5831289
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Thu, 14 Nov 2024 16:15:07 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:47:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=385080
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: d5600e24-d01e-0031-7023-16b147000000
access-control-allow-origin: *
content-length: 492
akamai-grn: 0.56b31402.1731215827.16309138
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 9cuwOQ_qE7qTGKohzrf_gIjTlPI.br.js Show response
r.bing.com/rp/ 3 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/9cuwOQ_qE7qTGKohzrf_gIjTlPI.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: FXbNzL5WiMdS7y/N9ZEDfg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5D73F196CA
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 18:30:08 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 05:55:11 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=133981
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 6737675a-601e-0023-05fc-16855b000000
access-control-allow-origin: *
content-length: 1532
akamai-grn: 0.56b31402.1731215827.16309139
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 psgXZvzYJMEW2ydikIk493Va1d4.br.js Show response
r.bing.com/rp/ 1 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: cbryIH17LuJqgju0sWrerw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCDC66CA2704F8
content-encoding: gzip
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 10:42:51 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 07:02:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, no-transform, max-age=19544
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: e0c8f4bc-401e-0070-1e65-159954000000
access-control-allow-origin: *
content-length: 660
akamai-grn: 0.56b31402.1731215827.1630913a
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

POST
H3 200 ncheader Show response
gfhft42.pages.dev/rewardsapp/ 2 KB
3 KB 81ms
79ms XHR
text/html 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/rewardsapp/ncheader?ver=51195484&IID=SERP.5021&IG=A740243CE30E46BBBA7D59C66EA1ACC9
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533a1da54d4631ce85a1efe2504bae4745b86b50c9217370bc9da0b2457d92b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d4ff214a239b8891256483b8c3
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
expires: -1
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9228&sent=1195&recv=260&lost=37&retrans=36&sent_bytes=1302382&recv_bytes=58566&delivery_rate=321675&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4917&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.41d01702.1731215828.1f206b2a
pragma: no-cache
x-ceto-ref: 673041d4ff214a239b8891256483b8c3|AFD:673041d4ff214a239b8891256483b8c3|2024-11-10T05:17:08.023Z
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-EbFOtRcwShVzX4o9AaiaQ0oBEM95KfeqcpaGs8X8Hdk='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930ced44bba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H2 200 nt6a1ZR520utsLoZmSYgwxdOPgI.js Show response
r.bing.com/rs/6v/x2/nj/ 606 B
0 0ms
0ms Script
application/x-javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rs/6v/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Kestrel /
Resource Hash: 54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

x-as-machinename: DUBEEAP00010626
x-eventid: 672da993c93e4d59ad69fffddcd21354
content-encoding: br
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
expires: Wed, 13 Nov 2024 06:03:30 GMT
alt-svc: h3=":443"; ma=93600
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-suppresssetcookie: 1
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 23:58:56 GMT
access-control-allow-headers: *
date: Sun, 10 Nov 2024 05:17:07 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=261983
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-dAFvvbzFY82ySqh+kxm8BIYbpvVNsutgYlBAeLEcvOg='; base-uri 'self';report-to csp-endpoint
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
access-control-allow-origin: *
content-length: 399
akamai-grn: 0.56b31402.1731215827.1630913b
server: Kestrel

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
620 B 67ms
67ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1731215827975%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22673041d3c4e64a9593a71bb17bcc88a0%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1731215827982%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22673041d3c4e64a9593a71bb17bcc88a0%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1731215827982%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20241109_2300%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A203%2C%22time%22%3A594%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827986%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.15d01702.1731215828.78ac4e5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7heEnDZxXImHbbpM7sFyJfXrceYKcPo5a6GYkScjX%2BrZT2sAPCjFXnU%2F%2BjeTY58qot%2BNYR%2BxAv1x88sBUenssz7J82SsKHfPexE1Oe819c9PqneJyFxFC3JNl8q9DE4uL7OibymNq0qU57TQDi1pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930ced47bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=10048&sent=1190&recv=250&lost=37&retrans=36&sent_bytes=1301015&recv_bytes=53756&delivery_rate=6497219&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4905&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
620 B 77ms
77ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20241109_2300%26%22%2C%22format%22%3A%22json%22%2C%22message%22%3A%7B%7D%2C%22time%22%3A595%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215827987%2C%22Name%22%3A%22error%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.05d01702.1731215828.867b234
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4vqpM4Vg6C5V1qz1m4Q3iwr0E2%2BV71PFJqC7ZR0J8zOPMFZNoD0jOgUdWB8q1Po5hIEVKgRm8BGoctSknRNlxhEJ58RK0wwuv%2FBsRZn72%2F%2FCXAx74gjB7FpQ10fvgdRqqxG9AqTjXTuZcS64HGnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930cfd48bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=9228&sent=1197&recv=260&lost=37&retrans=36&sent_bytes=1304251&recv_bytes=58566&delivery_rate=321675&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4918&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 5L3iD467J3iJWEPwIjxlK0MMDpY.br.js Show response
r.bing.com/rp/ 2 KB
0 0ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yaTET5I1fmUKhVemn0wu5w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC884215D06E
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 07:56:52 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Mon, 14 Oct 2024 19:41:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=95985
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 8b525d46-801e-000b-5147-20f2e4000000
access-control-allow-origin: *
content-length: 772
akamai-grn: 0.56b31402.1731215827.1630913c
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 awRIKLY04rWw5wNlVL186SolQSo.br.js Show response
r.bing.com/rp/ 34 KB
0 1ms
1ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/awRIKLY04rWw5wNlVL186SolQSo.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6838611c8ab6539005e11c84ca308158f89a51db57a62caf21faab48bf576177

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yrT84kD84PN8304R0Pvg0w==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC6396975487
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Wed, 13 Nov 2024 07:40:38 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:39:06 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=267811
timing-allow-origin: *
x-ms-request-id: 807d41a0-501e-0046-74e9-173406000000
access-control-allow-origin: *
content-length: 7069
akamai-grn: 0.39d01702.1730954640.11d6ade5, 0.56b31402.1731215827.1630913d
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js Show response
r.bing.com/rp/ 242 B
0 1ms
0ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: zk7Mu+IZ+1Afv84KFZt8XQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC5FD53B2D55
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 07:06:33 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:12:13 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=179366
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: c304e8ea-501e-006f-1ca8-164244000000
access-control-allow-origin: *
content-length: 140
akamai-grn: 0.56b31402.1731215827.1630913e
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

POST
H3 200 reportActivity Show response
gfhft42.pages.dev/rewardsapp/ 2 KB
3 KB 102ms
99ms XHR
text/html 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/rewardsapp/reportActivity?IG=A740243CE30E46BBBA7D59C66EA1ACC9&IID=SERP.5030&&src=hp
Requested by: Host: r.bing.com
URL: https://r.bing.com/rs/6v/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b34948549aa9f9193fbf7edf4faaf3a4b3f0ef468c1a60876685c3844c410b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d4d0344b89a08715183e0d187c
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
expires: -1
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1289&recv=265&lost=37&retrans=36&sent_bytes=1405859&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4940&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
x-cdn-traceid: 0.3dd01702.1731215828.755e5d9
pragma: no-cache
x-ceto-ref: 673041d4d0344b89a08715183e0d187c|AFD:673041d4d0344b89a08715183e0d187c|2024-11-10T05:17:08.036Z
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Vbi1Bvp4u4D1hrGRHXNNYJ4vaUxZQla5Izp6xIGvrzw='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930cfd52bba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H2 200 ZROPcAEhbj2oVXAWpOfdV-3E98k.br.js Show response
r.bing.com/rp/ 4 KB
0 1ms
1ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/ZROPcAEhbj2oVXAWpOfdV-3E98k.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a29707e768a53201e2ab26d83e5746e6f22e1c573743a66c50b7e5d19f6b531e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: XDB88L/1tOMJK/y+pV86vg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC631EE7C495
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 14:35:20 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
last-modified: Tue, 24 Sep 2024 06:35:45 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=119893
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: 421cd7c8-101e-0005-37dc-151eef000000
access-control-allow-origin: *
content-length: 1709
akamai-grn: 0.56b31402.1731215827.1630913f
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 Ps73AKHQ1paRH9KPeMP5XHV_H2M.br.js Show response
r.bing.com/rp/ 94 KB
25 KB 16ms
15ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/Ps73AKHQ1paRH9KPeMP5XHV_H2M.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2b94109aa361ff11c5320f7d1c04e2ad6da1a93904ea1eec16effe5972d484a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: Bt6SyO8875WWMOkjRZkfZA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFF22D3C40382
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 20:27:16 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 07 Nov 2024 11:53:42 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=227408
timing-allow-origin: *
quic-version: 0x00000001
x-ms-request-id: b3b1140b-401e-0052-0253-31f762000000
access-control-allow-origin: *
content-length: 25577
akamai-grn: 0.85257e68.1731024459.60edff6, 0.56b31402.1731215828.16309443
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 TojcN6GgH6kMs-g6j6O4PUJNZvU.br.css
r.bing.com/rp/ 18 KB
0 2ms
2ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/TojcN6GgH6kMs-g6j6O4PUJNZvU.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: eea56c13709677a8c9b09c68a066b7138892e4ba785c5ce4a805fac99e4ceb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: gtoCeEn6TmwQatEIrrrRpQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFF22A780F4B6
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 18:39:50 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/css
last-modified: Thu, 07 Nov 2024 11:52:28 GMT
cache-control: public, no-transform, max-age=220963
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id: dab56de5-201e-006b-7044-31b7c6000000
access-control-allow-origin: *
content-length: 5473
akamai-grn: 0.56b31402.1731215827.16308f67
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 mYrlYjljEaPfRzxdJWeh5VI1VKI.br.js Show response
r.bing.com/rp/ 52 KB
10 KB 16ms
15ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/mYrlYjljEaPfRzxdJWeh5VI1VKI.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9650a40f7d670d73a408ada335020ceeb2cc39a843f2b63ef8a441349e6066fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: NU2lIRTwSy9k9bMx1ShzPA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCFF22D4EFFBD2
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 18:32:58 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 07 Nov 2024 11:53:44 GMT
cache-control: public, no-transform, max-age=220550
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: aab67a6f-f01e-000f-3543-310766000000
access-control-allow-origin: *
content-length: 9825
akamai-grn: 0.56b31402.1731215828.16309457
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js Show response
r.bing.com/rp/ 3 KB
1 KB 15ms
14ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 795e9290718eb62a1fb00646dc738f6a6b715b1171dd54a3d2defa013a74f3da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: oqLg+91b3FmpcS7e8iKMsQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC644F5E5FC5
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 23:06:23 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Tue, 24 Sep 2024 06:44:16 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=150555
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: b192bed1-501e-0046-751d-163406000000
access-control-allow-origin: *
content-length: 1076
akamai-grn: 0.56b31402.1731215828.16309458
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2

200

Passport.aspx
www.bing.com/secure/ Frame 8D79
Redirect Chain

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1731215827&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1031&id=264960&che...
https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

0
0

49ms
48ms

Document
text/html

2a02:26f0:480:36::212:4008
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4008 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gfhft42.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=93600
cache-control: no-cache,no-store
content-encoding: br
content-length: 238
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-uA7C/0fQu6eL7PKsv4zZAh48BT/6FwnUtoNZOxJiNbw='; base-uri 'self';report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Sun, 10 Nov 2024 05:17:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
pragma: no-cache
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
vary: Accept-Encoding
x-cdn-traceid: 0.56b31402.1731215828.16309838
x-eventid: 673041d4311343a3b5208f53a149a31d
x-msedge-ref: Ref A: C0FA30BFC6D64C948C66867BDF7D08A7 Ref B: FRA31EDGE0108 Ref C: 2024-11-10T05:17:08Z

Redirect headers

Cache-Control: no-store, no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Nov 2024 05:17:08 GMT
Expires: Sun, 10 Nov 2024 05:16:08 GMT
Location: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL02EPF0001D7FC V: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-ms-request-id: 6376ecb4-a38e-42cf-839a-cad7211814fe
x-ms-route-info: C520_BL2

GET
H2 200 test Show response
4.bing.com/ipv6test/ 64 B
2 KB 147ms
55ms Script
text/html 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://4.bing.com/ipv6test/test
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c2ba8fccfc980bcc8fc24e7a41bfcfee88cca9331c8d4d62890d7dfab4a12226

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d48a3843e4aef0ca31faa2cfe8
content-encoding: br
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
expires: -1
x-cache: CONFIG_NOCACHE
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0DBE2D99EA5C4C608AF43A35E75D12F7 Ref B: FRA31EDGE0821 Ref C: 2024-11-10T05:17:08Z
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-tg2hiRrHHxskr9Mym3wLtjFtkepCZeXWwk7fdG5EGn8='; base-uri 'self';report-to csp-endpoint
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-length: 64

GET
H3 200 test Show response
gfhft42.pages.dev/ipv6test/ 64 B
2 KB 75ms
73ms XHR
text/html 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/ipv6test/test?FORM=MONITR
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2e338eb951a6699b5634843203c81564b257da03642cd85e02512fe4cf7296f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-eventid: 673041d43aec41ad9da39ac5ab22924d
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
expires: -1
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9597&sent=1348&recv=280&lost=52&retrans=51&sent_bytes=1471382&recv_bytes=59476&delivery_rate=7989725&cwnd=192864&unsent_bytes=0&cid=f2d8158537210ecc&ts=4956&x=1", cfHdrFlush;dur=0
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.05d01702.1731215828.867b25e
pragma: no-cache
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-oEyz9f2xKM/uG0VXfHQKyu4g6HmU6HlxhtQ9YMzt7U0='; base-uri 'self';report-to csp-endpoint
cf-ray: 8e03930d3d71bba3-FRA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
625 B 71ms
68ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1731215827999%2C%22Name%22%3A%22Show%22%2C%22FID%22%3A%2214eh0vff_1469qist%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1731215828000%2C%22Name%22%3A%22ShowBubble%22%2C%22FID%22%3A%2214eh0vff_1469qist%22%7D%2C%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20241109_2300%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A637%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215828030%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.39d01702.1731215828.1b1cbd96
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZONme6OeYVEhQ%2FgefRydRXtSwb5v6Rn2%2Bls2Nf1H%2BPKOpxuE6UHEz1ygJlVoUnXz8hV5HmBE%2Frzc3%2F1wznTUJZkDq%2B3ALYYcRKoVurKi7NNS1qKK0dp2ODhRtg1bo8JcS6VdHQiGz%2BI3bly%2FoE9pA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930d3d72bba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1316&recv=265&lost=37&retrans=36&sent_bytes=1435945&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4943&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 yvUvB8qvQCN6KN5FPuoFbl2pfV8.br.js Show response
r.bing.com/rp/ 5 KB
2 KB 14ms
12ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/yvUvB8qvQCN6KN5FPuoFbl2pfV8.br.js
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/LDPtmbi_w4y1oa90D_hi6HqB1QI.br.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 356a46f974bfee0299884a61d599042d897d56e4d61d8850e535b33f72d859ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: 0MUGoWYv4bM0S/HIL8J1Tg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC68B7919A09
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 23:58:17 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Tue, 24 Sep 2024 07:15:49 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=153669
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: 37e1bafa-101e-0005-4519-171eef000000
access-control-allow-origin: *
content-length: 2313
akamai-grn: 0.56b31402.1731215828.163094c0
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png
gfhft42.pages.dev/rp/ 9 KB
10 KB 55ms
53ms Image
image/png 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf7fe8197902b32ce2c83f05db73255553c716ac7b084ff1878e617963d0f51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: GUexVzkiHrDbJxwd2PleRg==
akamai-amd-bc-debug: [a=2.20.179.28,b=635200958,c=c,d=1730448871,h=304,k=0,l=0,n=DE_HE_FRANKFURT,o=20940,r=0]
x-ms-lease-status: unlocked
cf-cache-status: MISS
etag: 0x8DCDC6597B401F0
x-ms-version: 2009-09-19
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1j%2BmBD4Danp9Dr6SP79i5T%2BpDtvR%2FGQ9I29To7Llr9Pfrsa1QXWKg5u%2Fm8hjwE5tK%2B5KEAGfb6GusXf6emkB5%2BUXMyZNYObXAoUEzMURrB%2FO3Pz9V8s4EfIbyrbTA9GkIMPHlXYFZPpKgZ0Oso5W4w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 13 Nov 2024 14:00:22 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1209&recv=265&lost=37&retrans=36&sent_bytes=1313877&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4934&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 06:53:27 GMT
vary: Accept-Encoding
cache-control: public, no-transform, max-age=371771
x-cdn-traceid: 0.3dd01702.1731215828.755e61a
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id: d390293b-001e-0038-23ab-14abc9000000
cf-ray: 8e03930d3d78bba3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9310
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 qwce00QJxdHzNxXh5H1mBc8QgBU.br.js Show response
r.bing.com/rp/ 280 B
213 B 16ms
13ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/LDPtmbi_w4y1oa90D_hi6HqB1QI.br.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02f6e697a3aab3be32f5fb28488862bf9ed344b4d60ccdf85cd1e244ff285c62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: v9w4V2ItZPq2nYGNSEmAzA==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC66FAE00DFD
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 11:46:18 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Tue, 24 Sep 2024 07:03:23 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, no-transform, max-age=23350
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: 272b274a-601e-0045-6377-193701000000
access-control-allow-origin: *
content-length: 181
akamai-grn: 0.56b31402.1731215828.163094d7
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
DATA 200
OK truncated
/ 368 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b37fccc9de03792c528f5e0a7a66a6e8ba30c7f950cf2bdbd283ab24585b466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 th
gfhft42.pages.dev/ 34 KB
34 KB 47ms
45ms Image
image/jpeg 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.MoroccoMilkyWay_DE-DE1390989732_1920x1080.jpg&w=720
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 250d4fa6c9895a4aeefff31c9207b268d5661b295625bd6c7d1f332f64bcb653

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1258&recv=265&lost=37&retrans=36&sent_bytes=1369798&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4939&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.3dd01702.1731215828.755e61f
cf-ray: 8e03930d5d83bba3-FRA
access-control-allow-origin: *
content-length: 34666
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 23 KB
23 KB 44ms
42ms Image
image/jpeg 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.GlacialRivers_DE-DE4755000150_1920x1080.jpg&w=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a76a841fe97a11a8bd2391cfad8e0b4fb5321916a92778ff3413bd0fa19d0678

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1218&recv=265&lost=37&retrans=36&sent_bytes=1324361&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4935&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215828.78ac513
cf-ray: 8e03930d5d85bba3-FRA
access-control-allow-origin: *
content-length: 23175
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 25 KB
26 KB 47ms
45ms Image
image/jpeg 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.CanadaWolves_DE-DE4376564886_1920x1080.jpg&w=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3fb548c8a0fdaf9fec026a39c2ae1a2553a65a1c6f59075c61aeaed69342ebe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1293&recv=265&lost=37&retrans=36&sent_bytes=1409144&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4942&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.0cd01702.1731215828.16b0fef6
cf-ray: 8e03930d5d86bba3-FRA
access-control-allow-origin: *
content-length: 25627
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 8 KB
9 KB 46ms
44ms Image
image/jpeg 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.ShiShiBeach_DE-DE0173093107_1920x1080.jpg&w=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6abc504f8fd063aa5796fec02bd599cf8ce6f1362fca493687a9a5cc72cdac62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1249&recv=265&lost=37&retrans=36&sent_bytes=1360655&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4938&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.3bd01702.1731215828.13bdd2a1
cf-ray: 8e03930d5d87bba3-FRA
access-control-allow-origin: *
content-length: 8164
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 7 KB
7 KB 32ms
30ms Image
image/jpeg 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.LencoisMaranhao_DE-DE9846218597_1920x1080.jpg&w=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef5708c1bddb9de58613a84159578d9d554d54d2ad3d35205b89ad0519c43d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7891&sent=1202&recv=264&lost=37&retrans=36&sent_bytes=1306384&recv_bytes=58745&delivery_rate=352130&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4933&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.0cd01702.1731215828.16b0feea
cf-ray: 8e03930d5d89bba3-FRA
access-control-allow-origin: *
content-length: 6738
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 16 KB
17 KB 51ms
49ms Image
image/jpeg 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.CumbriaAutumn_DE-DE9239463628_1920x1080.jpg&w=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb653d3432ead0499735e6a1244e187c09eba20ab0def90a7392cf72019494a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1317&recv=265&lost=37&retrans=36&sent_bytes=1436594&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4947&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.15d01702.1731215828.78ac51e
cf-ray: 8e03930d5d8abba3-FRA
access-control-allow-origin: *
content-length: 16552
server: cloudflare

GET
H3 200 th
gfhft42.pages.dev/ 11 KB
12 KB 43ms
41ms Image
image/jpeg 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/th?id=OHR.YucatanBiosphere_DE-DE7980917018_1920x1080.jpg&w=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10de3d6d11f555196736f87cf8544e99618e0f1bad36d45d2a4f365c5013ebae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7673&sent=1239&recv=265&lost=37&retrans=36&sent_bytes=1348655&recv_bytes=58790&delivery_rate=62634&cwnd=275520&unsent_bytes=0&cid=f2d8158537210ecc&ts=4938&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=691200
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
x-cdn-traceid: 0.39d01702.1731215828.1b1cbdad
cf-ray: 8e03930d5d8bbba3-FRA
access-control-allow-origin: *
content-length: 11343
server: cloudflare

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
620 B 50ms
49ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1731215828033%2C%22Name%22%3A%22VisibleOrDelayed%22%2C%22FID%22%3A%22BottomBanner%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1731215828034%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1731215828034%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1731215828038%2C%22Name%22%3A%22InitializationStarted%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1731215828038%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1731215828038%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1731215828039%2C%22Name%22%3A1600%2C%22FID%22%3A%22ViewPortWidth%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1731215828039%2C%22Name%22%3A%22OfferIdMissing%22%2C%22FID%22%3A%22BNPOfferId%22%7D%2C%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20241109_2300%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A660%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1731215828053%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.05d01702.1731215828.867b275
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3SewlQnVsusR2xarB0H4hDaUKtRctn1nqcE37oJnNkO365AO%2Fg9hgNIVlxwBlfHeeWkfgef%2FvsEDM5WyDuYEozwuDyJd3U4RrvNVAjtGUbaEcykyv8Uy%2Fbg2xnnbyQuB%2BoF%2FuWE5gYAasKaJujvjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930d5d8cbba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=9597&sent=1352&recv=280&lost=52&retrans=51&sent_bytes=1473247&recv_bytes=59476&delivery_rate=7989725&cwnd=192864&unsent_bytes=0&cid=f2d8158537210ecc&ts=4957&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 c4ruj6QGsmSnOG64gJJnnnYDa44.br.css
r.bing.com/rp/ 824 B
356 B 21ms
19ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 21829c74fce2c9bbbb3099a7a487de71465ed712410c32bc6c69884db07a90dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: zul1ioyI5qjKzvVMsqd8eQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC63E1AC19C2
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 18:28:28 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Tue, 24 Sep 2024 06:41:12 GMT
content-type: text/css
cache-control: public, no-transform, max-age=47480
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: e1ca360b-601e-0067-1f95-185937000000
access-control-allow-origin: *
content-length: 324
akamai-grn: 0.56b31402.1731215828.1630952c
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 5-y8FBmAkXLBZZghI-X94CRnsqg.br.css
r.bing.com/rp/ 589 B
301 B 23ms
21ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 281d6234fd292800c2a5dbd14e524c9cee0d4438188b0b7d873abf41515a7666

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: Twb1SQrgn66TMkCHmLv8IQ==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC880F396E3D
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Thu, 14 Nov 2024 20:57:29 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Mon, 14 Oct 2024 19:40:29 GMT
content-type: text/css
cache-control: public, no-transform, max-age=402021
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: e78ae6ae-101e-000e-2af1-21069b000000
access-control-allow-origin: *
content-length: 269
akamai-grn: 0.56b31402.1731215828.16309536
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 17Kbwo14aoBIPkSeISAgHKajyeA.br.css
r.bing.com/rp/ 715 B
359 B 24ms
22ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a4579184b85367432ce944bc8652024345ba631b3e16bcf6330a9be1c45c1591

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: yxQVEL8D2yYKzOkWuxDcBg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCEC86967FA2A4
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 10 Nov 2024 19:55:12 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Mon, 14 Oct 2024 19:29:57 GMT
content-type: text/css; charset=utf-8
cache-control: public, no-transform, max-age=52684
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: ea64902c-101e-0068-3b54-20b4c1000000
access-control-allow-origin: *
content-length: 326
akamai-grn: 0.56b31402.1731215828.16309537
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css
r.bing.com/rp/ 2 KB
1 KB 21ms
19ms Stylesheet
text/css 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dadf403df8cfe888e59e6a051aee3783a2bf0bcc60dc1d09a7797daaee726ca2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: DnViWNsgH/Vlo3SrH5gEzg==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCDC67EC841DCF
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Mon, 11 Nov 2024 08:39:38 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Tue, 24 Sep 2024 07:10:08 GMT
content-type: text/css
cache-control: public, no-transform, max-age=98550
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: 91427956-f01e-0026-4421-167124000000
access-control-allow-origin: *
content-length: 1343
akamai-grn: 0.56b31402.1731215828.16309538
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 WGsMK7cVtc-pBG-Z9UpxSyKSl_8.br.js Show response
r.bing.com/rp/ 10 KB
4 KB 21ms
20ms Script
text/javascript 2a02:26f0:480:36::212:4016
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.bing.com/rp/WGsMK7cVtc-pBG-Z9UpxSyKSl_8.br.js
Requested by: Host: gfhft42.pages.dev
URL: https://gfhft42.pages.dev/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 43431d5b3d022e0e5b7b7eb1b1745f90e845545b909c9ab8ffb37302eaac113d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gfhft42.pages.dev
Referer: https://gfhft42.pages.dev/

Response headers

content-md5: GzmaCdOmLCqw31xlHqIo4Q==
content-encoding: br
x-ms-version: 2009-09-19
etag: 0x8DCF892B261F9D3
x-ms-lease-status: unlocked
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Tue, 12 Nov 2024 18:05:56 GMT
alt-svc: h3=":443"; ma=93600
date: Sun, 10 Nov 2024 05:17:08 GMT
last-modified: Wed, 30 Oct 2024 03:26:52 GMT
content-type: text/javascript; charset=utf-8
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=218928
timing-allow-origin: *
quic-version: 0x00000001
x-ms-request-id: 6c9feb0d-301e-0074-74ae-2a6cd6000000
access-control-allow-origin: *
content-length: 3916
akamai-grn: 0.1f257e68.1730291085.7c25fa7a, 0.56b31402.1731215828.1630952e
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 l
gfhft42.pages.dev/fd/ls/ 0
620 B 67ms
67ms Image
text/plain 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfhft42.pages.dev/fd/ls/l?IG=A740243CE30E46BBBA7D59C66EA1ACC9&CID=160DF516170E609206A8E02516B06190&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1731215828065%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22139.80000019073486%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1731215828067%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22672.3000001907349%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1731215828067%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3APathIsNotSerp%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1731215828101%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gfhft42.pages.dev/

Response headers

x-cdn-traceid: 0.15d01702.1731215828.78ac558
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhIKV3kmVmPadAlIOyqhQgTYDSEB6eCCOQQJJ5m7TpVRSs2ymIETseLD%2FEjY3VUh0KO9KgYP%2FWgslqLGLPcDUs6d7BUmdIGzOakNsUXi44VNhx8m%2FEn2a0e9KJQgOtpRAED5bw2c0cSd5LeFSIqzWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e03930dadbebba3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=8071&sent=1356&recv=286&lost=52&retrans=51&sent_bytes=1474581&recv_bytes=60803&delivery_rate=79839&cwnd=192864&unsent_bytes=0&cid=f2d8158537210ecc&ts=5028&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 203 lsp.aspx Show response
gfhft42.pages.dev/fd/ls/ 2 B
707 B 32ms
28ms XHR
text/xml 2606:4700:310c::ac42:2cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfhft42.pages.dev/fd/ls/lsp.aspx
Requested by: Host: r.bing.com
URL: https://r.bing.com/rp/OCtnrJQ3aJVfEzdQOhoPYEPIYE0.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/xml
Referer: https://gfhft42.pages.dev/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYpcZf8qiXy%2BqkQZ0%2FEsOjtE2vZwvDkYhdUVslIqvGwZAbykDhHjq1%2BQjUC9jr2iqayYC6gt9F4xuvD%2FTxyGi8VI7nq48wmzqopfk3sXIROvf%2FDp8TalEfq3Q9yG2q%2FIsGhfNTjSU5WdruH9UxM5Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7802&sent=1362&recv=298&lost=52&retrans=51&sent_bytes=1475346&recv_bytes=73564&delivery_rate=80954&cwnd=192864&unsent_bytes=0&cid=f2d8158537210ecc&ts=5759&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 05:17:08 GMT
content-type: text/xml
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-cdn-traceid: 0.02d01702.1731215828.1d164cb2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e03931278c2bba3-FRA
mime-version: 1.0
content-length: 2
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.bing.com
URL: https://r.bing.com/rp/TojcN6GgH6kMs-g6j6O4PUJNZvU.br.css

Domain: assets.msn.com
URL: https://assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gfhft42.pages.dev/rewardsapp	1969-12-31 23:59:59	Name: _C_Auth Value:
.gfhft42.pages.dev/	1970-01-21 00:55:02	Name: __cf_mw_byp Value: QukP1w042WbiEzZharI9nsIcValNtj_f7u.BmLlJIsI-1731215823-0.0.1.1-/
gfhft42.pages.dev/	1970-01-21 10:15:11	Name: MUIDB Value: 160DF516170E609206A8E02516B06190
.bing.com/	1970-01-21 10:15:11	Name: MUID Value: 136DDCEDD2EB62C83796C9DED347638D
.bing.com/	1970-01-21 10:15:11	Name: SRCHD Value: AF=NOFORM
.bing.com/	1970-01-21 10:15:11	Name: SRCHUID Value: V=2&GUID=AAA3B0251BFB4BBB800B3B229EDE008B&dmnchg=1
.bing.com/	1970-01-21 10:15:11	Name: SRCHUSR Value: DOB=20241110
.bing.com/	1970-01-21 10:15:11	Name: SRCHHPGUSR Value: SRCHLANG=de
.bing.com/	1969-12-31 23:59:59	Name: _SS Value: SID=0FFC68611584639828AE7D521428624F
login.microsoftonline.com/	1970-01-21 01:36:47	Name: buid Value: 1.AUgAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAABIAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeuaU9E8A6Otc-Oja6ezoXCfmfDtzL2vAnh8fUq4mCPMyOup6bjGa5ylZJGCbkrPe30A8TgPHQvm5_Ea_rVPEAwcRKwNZ0mjzv_jm1UNYoE5QgAA
login.microsoftonline.com/	1970-01-21 01:36:47	Name: fpc Value: Asgtd3tJLC5HvmYIOTLsF5-CeMQLAQAAANM4wt4OAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeLkGwiBAXHIKIf5UzIQ-KaqZYYZlWkG4FaMMc5-w1k0OV4afEBmRwMwPEDDnjK2l8RznVjujiAAgHk_KRYQK6quK_ev9QqE--KYn42wlHiuyX3uzGRpWQfZ2QbkQ61DNZwAkALaFeFlebvl1K79FAPu7zBlrNcAukURKHdn-FJG8gAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 03755688adb148d2b031fd8d8db45e66
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=264960&lt=1731215828&co=1
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.Dl4OqdQoi5YgB91crqZtZr7a7Hc8NutgiIxL4g1DmNrtc5CGaOfCTyHVaiQ!ro6neCTeZT88rTnxW1Z!QBgS6s98Wk6gCMxDxxVWN51k8EuP4xTIQ5IZs8nNMJ3N9OKfl!KOlgGQeYuGgnwtHa0wKD5K4T67wpLMerUl1YMz7bSFV3TbQRHKmA7iuy41LOGlyXtnEynF6qVWi!qXjSwoKd7kZkD1r!ZvQUw3fLVgCkpo9NlIoTQkr2yCLxJzEZ1mHKypIQGrZl!GWQo1RHmd9vu5VH121umRZGj6HIephxfRWKNCESWsQxFF6dJ2NcnkQJJ5!xxH8PJuPrQ$

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gfhft42.pages.dev/ Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://gfhft42.pages.dev/rp/oocd_GLJp7OiNEvIPidegylCzYE.br.js Message: A preload for 'https://r.bing.com/rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	error	URL: https://gfhft42.pages.dev/ Message: Access to script at 'https://assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js' from origin 'https://gfhft42.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://gfhft42.pages.dev/ Message: The resource https://r.bing.com/rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bing.com
assets.msn.com
gfhft42.pages.dev
login.live.com
login.microsoftonline.com
platform.bing.com
r.bing.com
www.bing.com
assets.msn.com
r.bing.com
13.107.21.200
2603:1027:1:d8::9
2606:4700:310c::ac42:2cab
2620:1ec:c11::237
2a02:26f0:480:36::212:4008
2a02:26f0:480:36::212:4016
40.126.31.71
006563db23523a6369d81fcfa6f3515f0317cf651d74024635d2bfbe694779b8
02f6e697a3aab3be32f5fb28488862bf9ed344b4d60ccdf85cd1e244ff285c62
04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f
062f8499e0286f4a73049f89fa2b894ccbb460bbd36518bfdfdcdfd6142f6cb2
06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70
08021ed3bca5532304b597e636beb939ff7baa6d08dca4e94c0dde1fdf940389
0baa339c64fa0e698c90f8ef5bfcee39682c17f3241c25147e17d37b6eb44fb4
0bd4e3aff07fa67e913ddcab8cf93980a472626a9c6043da546253700f344d52
0e83502c07bd4e46b3681a468d0eeab4fb9dde6bb58c777b42f7770a58362175
0fcf07ab124ece4d9c0f96f53464f1ab9f0cb377d693514d0ab11be996517f9c
104f65c4f023c97349ccdd0e6c1739b2567a2d0c39d3728ba726c434682a5b6b
10de3d6d11f555196736f87cf8544e99618e0f1bad36d45d2a4f365c5013ebae
1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2
15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e
21829c74fce2c9bbbb3099a7a487de71465ed712410c32bc6c69884db07a90dd
243d212a9ff764ccda9b19c3c823b2f408a0718e56a3e7a8b5b533e108db56cb
250d4fa6c9895a4aeefff31c9207b268d5661b295625bd6c7d1f332f64bcb653
281d6234fd292800c2a5dbd14e524c9cee0d4438188b0b7d873abf41515a7666
29996d18fe8a760be8ca04f8d9de245e8999cdf6efcfac0f2cccfbc9cf35bf4c
2b37fccc9de03792c528f5e0a7a66a6e8ba30c7f950cf2bdbd283ab24585b466
2b94109aa361ff11c5320f7d1c04e2ad6da1a93904ea1eec16effe5972d484a6
2d5a0048e3c18238c1d20834300da0113b2701cf121107eb69994c0d8f301c1d
2eb653d3432ead0499735e6a1244e187c09eba20ab0def90a7392cf72019494a
31ee0b33f7393eb212728cbab82119f00aa8a539ee6b0bb517af5b6ccc6f9879
356a46f974bfee0299884a61d599042d897d56e4d61d8850e535b33f72d859ee
3881ea963a06b345f8c223a6d4af623ad3aea2f434fec3a373d74c39e77c7907
3ed65f33193430c0b9db61ffe7f5fe27b29f86a28563992c3afc47d4c22c23d7
3f82b79015592b102db1a3baa4e33a152cceb2f7d41f539b0b24b34be3b7261d
429c376160336dc6f748e45c07ddc068b24635f25a816f9a23d2ac733aad914f
432e0804947b0c2c8d41219415e7c20441f7b149f5d154338add4f9fe0bb7996
43431d5b3d022e0e5b7b7eb1b1745f90e845545b909c9ab8ffb37302eaac113d
47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9
48ab43ba6d5ed8b585f8575c86f6a11e16311ab97ddd4fcf93288f01fb691a9b
533a1da54d4631ce85a1efe2504bae4745b86b50c9217370bc9da0b2457d92b5
54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39
553d0321189b23dba5f3670ea4bdb552dce0ebb1a3201e3b094e3f04cf08a7fe
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
5bb552beb00af20a3a39660decabba8520cf53ff43594d1cd923f9217081d169
5cbda906c7db6d50c7e200d73841a7bb7404bcff1b3c9121aa5bc79dbc608b9a
5d59969951587d02ccf8e5b8b08b16f8b8b3110e26dd195cfdbaaaae99674230
5d744e7bae776d237bf80c2d45fbc3025c5726196fd10ea588078f4dc780494d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
63fe4b5d74d906b6d61760f2d11348510302c3dedbd8b0bb8c66c82a55c8b7cc
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6838611c8ab6539005e11c84ca308158f89a51db57a62caf21faab48bf576177
6abc504f8fd063aa5796fec02bd599cf8ce6f1362fca493687a9a5cc72cdac62
7767d90aeae41a14cf3e4f8029dbe42598766bf02df77700c4068620b8539deb
78aa31d0b825a124c7ca14f4fe049560d1bdd186e8cdd7785be87c1d005384e4
795e9290718eb62a1fb00646dc738f6a6b715b1171dd54a3d2defa013a74f3da
7982cc778e2e492587af7a6ae279201d27cba6b3cffc130276c897a9c980e0e8
7c317940549467b3210d2f72da000bac3481abfde3ac5358d398eb64dcbc8532
80e84dc68cd83251cfc543bcaf4dd4fba1ee3a8e6584c90e7e050260515416e2
8149ebbab97636b492c4577e5d86b65001e672718bbd01218d8888b9989e7e4e
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
88d86fe4ad7534bb5d79d6ceafdc527ade975d07f49a856ce0ee6783161516c3
8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f
8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f
904176d5eed3e702517406d78ba2dfdbd70f78da890e9cf032406ac53edbcd6d
95e14855ec11d2c5d0080c6fc0339b285204774575748c59c8d1aef4252a8f11
9650a40f7d670d73a408ada335020ceeb2cc39a843f2b63ef8a441349e6066fe
97340d9eccbe1941717f3c40491e15a848abbcf4ccc25e5ee13dbd78e1993f7c
9a267f0e8e6ed42476777f455a879cb8c21cce3b62801fe3ee0f1a057dd8efaf
9e62f15d7a4562d68e7b0fbfb8b97cdfa32463b7f548837b30a546301f44bb34
a0a1cee602080757fbadb2d23ead2bbb8b0726b82fdb2ed654da4403f1e78ef1
a17e669fcc16128fd599da2d27f4d766e0a1f5c06e97ed66b01e9547c607f885
a29707e768a53201e2ab26d83e5746e6f22e1c573743a66c50b7e5d19f6b531e
a2e338eb951a6699b5634843203c81564b257da03642cd85e02512fe4cf7296f
a4579184b85367432ce944bc8652024345ba631b3e16bcf6330a9be1c45c1591
a4953b311d5b96a62fbd30a9540d038f7330d33dc054966281d3888e298149c7
a4b34948549aa9f9193fbf7edf4faaf3a4b3f0ef468c1a60876685c3844c410b
a52d0aabfb7c912cf686b046e1125dde4581b2a88c20817bb4c1dc999a4f90e6
a5b4181611e951faecd6c164d704569c633e95fe68d3d1934b911a089ebf70e8
a6347b4c2628cedfeb5757743849800bcce481b54a8d351c2fc1f9b80d3d4c81
a76a841fe97a11a8bd2391cfad8e0b4fb5321916a92778ff3413bd0fa19d0678
a84e6acc83f595fa5fc3d3603cb1589c3f10a597ce4f3fa930674a66cd9928f1
acf35a6e6ebf6cc558d38f00a62807fbaa4de983055426ecfe1a450644f2a6c3
af8c36defed55d79106513865f69933e546e1e4c361e41c29f65905ded009047
b072744831f33c79bc22f97d44cc577c55cec2174efdfa904eb7292a7c4f8e44
b8878944d3c11b5587da4709cc04fe8469102ee6ecbda392d4b4455538d5805e
bb1a08ed626350a76cd1e2f9a79da222602aac8bf22f6884c271faeb8eac47dc
bc2fafdf3346ba2de5004898e2c58e47182fda26518d240fd1b0628e6329ed1d
bef5708c1bddb9de58613a84159578d9d554d54d2ad3d35205b89ad0519c43d8
c01f1113020ec6201098a6690849ca3df40dcbc0f6fe9c7827fb616bbf8fa05b
c16343d5af29b2ce9fa754da3015002b1e4b340943909fa580ff3c9d5dce1fb9
c2ba8fccfc980bcc8fc24e7a41bfcfee88cca9331c8d4d62890d7dfab4a12226
cce4730b635dfb240085ec6abd2344345d9e94f979e580f87ec8356a8e8721f6
cecd9507277624bd8baac9fcdbede428a6bc827c41635f5b34478c5abee4e0bb
d06ebe9f300384efacd12100d077c356b8ac452c60c11ed2a16985ffbfcdcc66
d367ea014ef1c234179a9060527687703c3c72ecb530ab733aa08b61144286fc
d6f2e73a463d63d23c32bd14f96113e9c7c6b2eef02c4316e75994ed3080a4c6
d71ac9ccdf9cad482742a4c58d3cdececa63ab196dba9bd3656da24db533c1ac
d7213c51946975f61ba549e0b3fa83567c854557c673d56c9dddcccab6fdad0a
dadf403df8cfe888e59e6a051aee3783a2bf0bcc60dc1d09a7797daaee726ca2
e2e4d97c20d4478e8e947480c8f6c71a2c795776d405366be70db82e4ea4ba77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb548c8a0fdaf9fec026a39c2ae1a2553a65a1c6f59075c61aeaed69342ebe
e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c
e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da
ece56ee3b84bc191bcf0720255b59798c9be50d4d23e96a730f1d14f5873052f
eea56c13709677a8c9b09c68a066b7138892e4ba785c5ce4a805fac99e4ceb24
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f2c5677d58718ae60f7f4e98351643afeb8ad7fdfe4b2b6af0b7b63108cb7071
f332b88324f67c9deb79ca7d33bd57f161e39567e774e4fdd5c0509205e60b9b
f68f6ccbdb57c7e73b51ed5c2e36fd37be5febc107a35cbd58ae4cab451c6a42
fbf7fe8197902b32ce2c83f05db73255553c716ac7b084ff1878e617963d0f51
feaaaeec0e4b14692fbafac182198f3af83a44265b8659eac94b23222644c00b

gfhft42.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2cab Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

180 Requests

97 %HTTPS

71 %IPv6

5 Domains

8 Subdomains

7 IPs

3 Countries

1960 kBTransfer

4948 kBSize

17 Cookies

8 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gfhft42.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cab Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

97 %
HTTPS

71 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

1960 kB
Transfer

4948 kB
Size

17
Cookies

180 HTTP transactions
5 data transactions