urlscan.io logo urlscan.io
SecurityTrails logo

www.xgqfrms.xyz Open in urlscan Pro
2606:4700:3036::ac43:df9e  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgqfrms.xyz/
Submission: On November 08 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3036::ac43:df9e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xgqfrms.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time www.xgqfrms.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3036::ac43:df9e (United States)

ASN13335 (CLOUDFLARENET, US)
www.xgqfrms.xyz
cdn.xgqfrms.xyz
8    2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    66.154.110.218 (Atlanta, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: s05.flagcounter.com
s05.flagcounter.com
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
2    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2600:1901:0:742:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
amp.dev
Apex Domain
Subdomains		 Transfer
9 xgqfrms.xyz
www.xgqfrms.xyz
cdn.xgqfrms.xyz
81 KB
8 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 317
129 KB
5 amp.dev
amp.dev — Cisco Umbrella Rank: 416280
4 MB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 397
www.google-analytics.com — Cisco Umbrella Rank: 97
37 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6230
517 B
1 flagcounter.com
s05.flagcounter.com — Cisco Umbrella Rank: 208302
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
30 8
Domain Requested by
8 cdn.ampproject.org www.xgqfrms.xyz
cdn.ampproject.org
8 www.xgqfrms.xyz www.xgqfrms.xyz
5 amp.dev www.xgqfrms.xyz
2 www.google-analytics.com www.xgqfrms.xyz
www.google-analytics.com
2 ssl.google-analytics.com www.xgqfrms.xyz
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.speedcurve.com www.xgqfrms.xyz
1 cdn.xgqfrms.xyz www.xgqfrms.xyz
1 s05.flagcounter.com www.xgqfrms.xyz
1 fonts.googleapis.com www.xgqfrms.xyz
30 10

This site contains links to these domains. Also see Links.

Domain
mobile.xgqfrms.xyz
github.com
info.flagcounter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
s02.flagcounter.com
R3		 2022-10-08 -
2023-01-06		 3 months crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
amp.dev
GTS CA 1D4		 2022-09-27 -
2022-12-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.xgqfrms.xyz/
Frame ID: B8C3C668837023AB44D6FD04B5007C3C
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

👻 xgqfrms's official website!

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

30
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

1
Countries

4490 kB
Transfer

5390 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xgqfrms.xyz/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fd42c624f0af30f030fbae29c0d398289d5446ab375c42cda1970df904f22e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
MISS
cf-ray
7670b0363e6b78dc-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 08 Nov 2022 19:24:20 GMT
expires
Tue, 08 Nov 2022 19:34:20 GMT
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlE2988p89j60P82FZ2HqzDRxHkO9fjrObADLi4y36OF0RiY3f2JkyeML8V0lgPVf7EVXtD8OsXL8YaRJVeoBLwoomy7FRFnP6LYLAPl5y0GeQcgmOs4aW%2BwPVOc%2FxP%2FC1SLsQzUcWJYn804FKk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-fastly-request-id
890651fe665fa4e1a7d09adc96f32986c4a0dfa8
x-github-request-id
71FC:44E1:5B884D:79A209:636AACE4
x-proxy-cache
MISS
x-served-by
cache-lga21979-LGA
x-timer
S1667935461.891283,VS0,VE15
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af01f23413b5533c1b5a1c400e3076726312db3cb2fe0a48d3dbdb5f2b4cd231
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 08 Nov 2022 19:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72613
x-xss-protection
0
server
sffe
etag
"0367d95198e5c34f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 19:24:21 GMT
normalize.css
www.xgqfrms.xyz/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xgqfrms.xyz/css/normalize.css
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc05deb16561331001daa8e140f96f0d12ae6c3388c0add2e226c6376930bc32
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
e33e0e5deefd4a2d011d78f5d2ffdc4819adb612
date
Tue, 08 Nov 2022 19:24:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
expires
Tue, 08 Nov 2022 19:34:20 GMT
content-encoding
br
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21971-LGA
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
server
cloudflare
x-github-request-id
EC84:2088:625E45:807EA9:636AACE4
x-timer
S1667935461.939862,VS0,VE16
etag
W/"6369b76a-1e13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JKEGeKUYj5njHqyU7h2AbgLSNY6BstXA%2F%2F%2B8%2BDsu7TZS0%2F1cnrgEsN2JX03SFzrhfQgxNI933CZNDlZQ5aRG8cDGlCgnk3XxAODOU57OP4tT5CYoyh%2FVojSLmps1Ga2Lz8xGmvsKg9pDkMwhy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
7670b036cfa378dc-EWR
x-cache-hits
0
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 08 Nov 2022 19:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 18:58:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 08 Nov 2022 19:24:20 GMT
stylesheet.css
www.xgqfrms.xyz/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xgqfrms.xyz/css/stylesheet.css
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e04910e88a5794f1913be2678b3e52e88c58fe8eea94abaf7fbdf5ccca4428
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
0014c3726a7635c656ba6f67893ac750cb4c857c
date
Tue, 08 Nov 2022 19:24:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Tue, 08 Nov 2022 19:34:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
br
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21931-LGA
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
server
cloudflare
x-github-request-id
358E:1C6B:5F72B1:7D8FEA:636AACE4
x-timer
S1667935461.952707,VS0,VE11
etag
W/"6369b76a-1693"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzykzW%2FqlSQDwciSogiFpQfoIT%2F%2BJ8eFsNcHMKGesqpUI4%2F%2BaToJ%2BrN8uEXzq7H6o7hTnYTrnc7LvQPc97qwN65FsWr6WG9Tnonk4DVgUL0uT4Sfzpuz%2FUZ2pQvaP1JhcSnT5xb5T3hJ38N56Do%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-origin-cache
HIT
cf-ray
7670b036cfab78dc-EWR
x-cache-hits
0
github-light.css
www.xgqfrms.xyz/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xgqfrms.xyz/css/github-light.css
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c24194e26fb2c75977a09ce8385a8a8a56f2b01520554f7b8c165093e361ee
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
64e19c8646e33f7dbb9e2b1a90cef757e098ec76
date
Tue, 08 Nov 2022 19:24:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Tue, 08 Nov 2022 19:34:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
br
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21940-LGA
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
server
cloudflare
x-github-request-id
665A:2FE3:5DCFC6:7BECD0:636AACE4
x-timer
S1667935461.958682,VS0,VE14
etag
W/"6369b76a-aa1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOX9jODtRBQQiCndWkTkq9qi7Rqy44gXF9vzB6iItBz7%2F0o5BDugNSrGQOHjKoygPQJYk%2FkrSBvp5pOWf4HJyS44zCndpsQabqxTNCXw5EXmqTQttvownrHG4aJs4uB0hXLXxIof4JMp4gXP%2Bq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-origin-cache
HIT
cf-ray
7670b036cfae78dc-EWR
x-cache-hits
0
index.css
www.xgqfrms.xyz/ 		659 B
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xgqfrms.xyz/index.css
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65450264b7e415e928ad0901e0f3f3d498da73ee872782f45a95ff2f92dc98ec
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
0873a5bdd5cf9f10ce9b16295b3fbc71ff092317
date
Tue, 08 Nov 2022 19:24:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Tue, 08 Nov 2022 19:34:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
br
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21960-LGA
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
server
cloudflare
x-github-request-id
416C:7866:6676B9:849982:636AACE4
x-timer
S1667935461.968468,VS0,VE12
etag
W/"6369b76a-293"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLfBUReNi3bhAJ0ThRS93yZF607LMK87khAmHhdGa9Z7kUFHpd6DpAnJgcvzDUxh%2FwrQcnS1OA6efmnw52LnP9hH9Fl4c5%2Fw291D9oBcOvkGpAMew5XkMUVYoSIyxAe99qIgBywWLaomzOxIx8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-origin-cache
HIT
cf-ray
7670b036cfb278dc-EWR
x-cache-hits
0
amp-anim-0.1.js
cdn.ampproject.org/v0/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
873590343c34be6a11c63393447d8ca8494263eadc650e6f5f46e5b1541c1207
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 08 Nov 2022 19:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2486
x-xss-protection
0
server
sffe
etag
"4aef5f3412c72b0a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 19:24:21 GMT
amp-video-0.1.js
cdn.ampproject.org/v0/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f702408df1648c776698f7dadf4bd24a8b38a51e7814cbcc7c0a0cb6943131da
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 08 Nov 2022 19:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15863
x-xss-protection
0
server
sffe
etag
"edbca520e5225f75"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 19:24:21 GMT
amp-audio-0.1.js
cdn.ampproject.org/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-audio-0.1.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4337e08b3b56c34322b374766dc1df3e293dade805425ba5980c9f0c8284ebf1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 08 Nov 2022 19:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4329
x-xss-protection
0
server
sffe
etag
"1400838463bfdbc4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 19:24:21 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fa0573850512ff810d96a034c2b199fc696cf2946ec91e013505a2b56bf6bd1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 08 Nov 2022 19:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8949
x-xss-protection
0
server
sffe
etag
"ed46e6557509e50b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 19:24:21 GMT
blacktocat.png
www.xgqfrms.xyz/images/ 		268 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgqfrms.xyz/images/blacktocat.png
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7ee2aa402ed7fee29e7309da565399c223321056676f10938ddcda4e1902bb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
97f49f6dee84acf3a7fd0377c1ac17715e38a2ac
date
Tue, 08 Nov 2022 19:24:21 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Tue, 08 Nov 2022 19:34:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
268
x-served-by
cache-lga21933-LGA
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
server
cloudflare
x-github-request-id
FF48:5790:63928E:81B733:636AACE4
x-timer
S1667935461.980573,VS0,VE18
etag
"6369b76a-10c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwftMOvh6vVMi4QFB22lH69%2FzXOeGnuIJI4nOwxBuXq88TnpkGUrPGdTEEvi95K48N58ENEjtmA6FVdBJqnQWCuhkd36T9e70%2Fyn8grc8Usd%2FpLtGRJDX2THCJ6boxjQw17Qzm1lk0gacuBomQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
7670b036e871f009-EWR
x-cache-hits
0
/
s05.flagcounter.com/count2/woW7/bg_000000/txt_00ff00/border_FF00FF/columns_2/maxflags_10/viewers_0/labels_1/pageviews_1/flags_0/percent_1/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s05.flagcounter.com/count2/woW7/bg_000000/txt_00ff00/border_FF00FF/columns_2/maxflags_10/viewers_0/labels_1/pageviews_1/flags_0/percent_1/
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.154.110.218 Atlanta, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
s05.flagcounter.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash
a4d9df0006d0a92396dde1aa67e28806a2656f31d0ae27d1dc458401e78bafec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Nov 2022 19:24:23 GMT
Cache-control
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection
close
Transfer-Encoding
chunked
Content-Type
image/png
drc-drm.js
cdn.xgqfrms.xyz/js-hacks/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xgqfrms.xyz/js-hacks/drc-drm.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978eb627d3964420e1b3d31fea6d3696a08eff48442a6e5189fe76f39005a50f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
5a0e6b25c84989ac72664814875c449c2e43b034
date
Tue, 08 Nov 2022 19:24:21 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
expires
Tue, 08 Nov 2022 19:34:21 GMT
content-encoding
br
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21950-LGA
last-modified
Fri, 28 Oct 2022 01:43:40 GMT
server
cloudflare
x-github-request-id
F942:3D9D:66104B:8432EF:636AACE5
x-timer
S1667935461.010493,VS0,VE14
etag
W/"635b33cc-445"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q76yK%2BXHLKegafQHN0NLXFfaxF8NjpQOoqR%2B9MKNlbBwKn%2BChoiUAWOoxpqFIWxb5tYAG6abV9YRwz5nDtdvZ8HdpTc0o1lQiXyYmm4OoXb4HLZsQNkR74jiL1%2F%2F9SCB1XwjSkkFI2ukefWCdwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
7670b037184c78dc-EWR
x-cache-hits
0
lux.js
cdn.speedcurve.com/js/ 		520 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=609659513
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
6bcb0b26c3cf3602feed634aec703ce4e8433da448bc01d60be783d066858c5b

Request headers

Referer
https://www.xgqfrms.xyz/
Origin
https://www.xgqfrms.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 08 Nov 2022 19:24:21 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
0
x-cache
MISS
content-length
228
x-served-by
cache-ewr18126-EWR
last-modified
Tue, 08 Nov 2022 19:24:21 GMT
server
Apache
x-timer
S1667935461.025579,VS0,VE32
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Nov 2022 19:24:21 GMT
index.mjs
www.xgqfrms.xyz/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xgqfrms.xyz/index.mjs
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808edcde1c3fbf3b12d053b285b7456b09524ed00e06a7f8e86a637ca0927a5f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xgqfrms.xyz/
Origin
https://www.xgqfrms.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
3d872addee4ea8d5a4e02ecdb4abe449523c7760
date
Tue, 08 Nov 2022 19:24:21 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Tue, 08 Nov 2022 19:34:21 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
br
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21975-LGA
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
server
cloudflare
x-github-request-id
E492:2088:625E49:807EAD:636AACE5
x-timer
S1667935461.982376,VS0,VE27
etag
W/"6369b76a-443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg9SrfwEOUF6ELFA734tW9JII1THrU5SlYfp12N45ux4RGtiA4ojIyRx2bt0QwEssZPdPsc0geMW0GEWjcVScjJysMyC9eZ41fJBBXncZ9jxrpihtIexosWnn8egs6iwAb7VwPzK1Yo900840Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-origin-cache
HIT
cf-ray
7670b036f876f009-EWR
x-cache-hits
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xgqfrms.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 08 Nov 2022 17:54:08 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5413
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 08 Nov 2022 19:54:08 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.xgqfrms.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:52:16 GMT
x-content-type-options
nosniff
age
88325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:52:16 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1591784149&utmhn=www.xgqfrms.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%F0%9F%91%BB%20xgqfrms%27s%20official%20website!&utmhid=1692896128&utmr=-&utmp=%2F&utmht=1667935461084&utmac=UA-68009907-1&utmcc=__utma%3D107267979.1315956595.1667935461.1667935461.1667935461.1%3B%2B__utmz%3D107267979.1667935461.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1353606634&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 19:24:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 08 Nov 2022 17:53:39 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5442
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 08 Nov 2022 19:53:39 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1692896128&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xgqfrms.xyz%2F&ul=en-us&de=UTF-8&dt=%F0%9F%91%BB%20xgqfrms%27s%20official%20website!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=107267979.1315956595.1667935461.1667935461.1667935461.1&_utmz=107267979.1667935461.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1667935461131&_u=IQBCAEABAAAAACAAI~&jid=505357382&gjid=412383179&cid=1315956595.1667935461&tid=UA-68009907-1&_gid=1734799474.1667935461&_r=1&_slc=1&z=911688005
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xgqfrms.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 19:24:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgqfrms.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
www.xgqfrms.xyz/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgqfrms.xyz/favicon.png
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:df9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b3a9f2c52fcf7b954e71212ea0fcdd98b4159dfa82e7310458b4573d1e554e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-fastly-request-id
32fb972727de147b7d938fef7c0c57b99e3dcbe4
date
Tue, 08 Nov 2022 19:24:21 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Tue, 08 Nov 2022 19:34:21 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67585
x-served-by
cache-lga21938-LGA
last-modified
Tue, 08 Nov 2022 01:56:58 GMT
server
cloudflare
x-github-request-id
2772:75A3:61C512:7FE372:636AACE5
x-timer
S1667935461.229362,VS0,VE13
etag
"6369b76a-10801"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALczeLGixLDIZrMarIp0Yyc6eTHfkaq4kXqBAbo9vJpwzhnKTpEVCxWw2HFLxBzKkCit5kYrMLvu%2BNst%2B7IkOAM7gUEIOtXGJ6UH2byye6iw%2FpZ1scTP3d2YMFTgHBnW6MqpaBVENuQxyoeN78I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
7670b0387a03f009-EWR
x-cache-hits
0
wavepool.png
amp.dev/static/inline-examples/images/ 		345 KB
346 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amp.dev/static/inline-examples/images/wavepool.png
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:742:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
63ddf585f96d456d0e91d248d210d8acb4813fd60cbe0ed557b74b770b2076cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 19:24:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 06:50:00 GMT
via
1.1 google
etag
W/"565e4-183c5ceadc0"
vary
Origin
content-security-policy-report-only
default-src * data: blob:;worker-src 'self' blob:;script-src blob: 'unsafe-inline' https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/viewer/ https://cdn.ampproject.org/rtv/ https://www.googletagmanager.com/gtag/js https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;object-src 'none';style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;report-uri /csp-report
content-type
image/png
cache-control
public, max-age=604800, stale-while-revalidate=1209600
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
353764
x-xss-protection
1; mode=block
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210211855000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210211855000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb0ee940fa4feb2f463a553369b5f8c9e0f226c702a2cf5f66648792a9c4ed69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgqfrms.xyz/
Origin
https://www.xgqfrms.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 06:14:45 GMT
age
47376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
server
sffe
etag
"4c4f9dfcf3c36789"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Nov 2023 06:14:45 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210211855000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210211855000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
945de24b9f67ef6e2a971867bc8c251141c8f36d193f0145f5787e42cd7a7c9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgqfrms.xyz/
Origin
https://www.xgqfrms.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 06:14:45 GMT
age
47376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3846
x-xss-protection
0
server
sffe
etag
"dd1527ec8ef4e804"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Nov 2023 06:14:45 GMT
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
wavepool.gif
amp.dev/static/inline-examples/images/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amp.dev/static/inline-examples/images/wavepool.gif
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:742:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
2d853e6b5d57321d3b9dd85bbc3afcec0f3f89b8e5e630cda4f1a6034ed3cc56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 19:24:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 06:50:00 GMT
via
1.1 google
etag
W/"3aa679-183c5ceadc0"
vary
Origin
content-security-policy-report-only
default-src * data: blob:;worker-src 'self' blob:;script-src blob: 'unsafe-inline' https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/viewer/ https://cdn.ampproject.org/rtv/ https://www.googletagmanager.com/gtag/js https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;object-src 'none';style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;report-uri /csp-report
content-type
image/gif
cache-control
public, max-age=604800, stale-while-revalidate=1209600
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3843705
x-xss-protection
1; mode=block
kitten-playing.png
amp.dev/static/inline-examples/images/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amp.dev/static/inline-examples/images/kitten-playing.png
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:742:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6cff14c51fafdc13a30bce3f6bebaf7c2e64a3f316c869b66459a9bb3f989003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.xgqfrms.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 22:49:25 GMT
age
74096
content-security-policy-report-only
default-src * data: blob:;worker-src 'self' blob:;script-src blob: 'unsafe-inline' https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/viewer/ https://cdn.ampproject.org/rtv/ https://www.googletagmanager.com/gtag/js https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;object-src 'none';style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;report-uri /csp-report
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87606
x-xss-protection
1; mode=block
last-modified
Tue, 11 Oct 2022 06:50:00 GMT
etag
W/"15636-183c5ceadc0"
vary
Origin
content-type
image/png
cache-control
public, max-age=604800, stale-while-revalidate=1209600
access-control-allow-credentials
true
accept-ranges
bytes
truncated
/ 		382 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
cat-meow.mp3
amp.dev/static/inline-examples/audio/ 		68 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://amp.dev/static/inline-examples/audio/cat-meow.mp3
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:742:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xgqfrms.xyz/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 19:24:21 GMT
x-content-type-options
nosniff
via
1.1 google
content-security-policy-report-only
default-src * data: blob:;worker-src 'self' blob:;script-src blob: 'unsafe-inline' https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/viewer/ https://cdn.ampproject.org/rtv/ https://www.googletagmanager.com/gtag/js https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;object-src 'none';style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;report-uri /csp-report
Content-Range
bytes 0-69831/69832
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
69832
x-xss-protection
1; mode=block
last-modified
Tue, 11 Oct 2022 06:50:00 GMT
etag
W/"110c8-183c5ceadc0"
vary
Origin
content-type
audio/mpeg
cache-control
public, max-age=60, stale-while-revalidate=120
access-control-allow-credentials
true
accept-ranges
bytes
kitten-playing.mp4
amp.dev/static/inline-examples/videos/ 		429 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://amp.dev/static/inline-examples/videos/kitten-playing.mp4
Requested by
Host: www.xgqfrms.xyz
URL: https://www.xgqfrms.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:742:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xgqfrms.xyz/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 08 Nov 2022 19:24:21 GMT
x-content-type-options
nosniff
via
1.1 google
content-security-policy-report-only
default-src * data: blob:;worker-src 'self' blob:;script-src blob: 'unsafe-inline' https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/viewer/ https://cdn.ampproject.org/rtv/ https://www.googletagmanager.com/gtag/js https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;object-src 'none';style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://playground.amp.dev/ https://preview.amp.dev/ https://go.amp.dev/ https://log.amp.dev/;report-uri /csp-report
Content-Range
bytes 0-4474975/4474976
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
4474976
x-xss-protection
1; mode=block
last-modified
Tue, 11 Oct 2022 06:50:00 GMT
etag
W/"444860-183c5ceadc0"
vary
Origin
content-type
video/mp4
cache-control
public, max-age=604800, stale-while-revalidate=1209600
access-control-allow-credentials
true
accept-ranges
bytes
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		180 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		354 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/rtv/012210211855000/v0/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210211855000/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9ce96c439190261189c0295a8794da58a974ab31da64f948913abcb4298a9ab
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgqfrms.xyz/
Origin
https://www.xgqfrms.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Nov 2022 20:16:31 GMT
age
601670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18988
x-xss-protection
0
server
sffe
etag
"1f724d054f9f1c52"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Nov 2023 20:16:31 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal string| GoogleAnalyticsObject function| ga object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| AMP object| google_tag_data object| gaplugins object| gaData object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| __AMP_AUTOPLAY

8 Cookies

Domain/Path Name / Value
.xgqfrms.xyz/ Name: __utma
Value: 107267979.1315956595.1667935461.1667935461.1667935461.1
.xgqfrms.xyz/ Name: __utmc
Value: 107267979
.xgqfrms.xyz/ Name: __utmz
Value: 107267979.1667935461.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.xgqfrms.xyz/ Name: __utmt
Value: 1
.xgqfrms.xyz/ Name: __utmb
Value: 107267979.1.10.1667935461
.xgqfrms.xyz/ Name: _ga
Value: GA1.2.1315956595.1667935461
.xgqfrms.xyz/ Name: _gid
Value: GA1.2.1734799474.1667935461
.xgqfrms.xyz/ Name: _gat
Value: 1

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.xgqfrms.xyz/(Line 243)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.xgqfrms.xyz/(Line 243)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp.dev
cdn.ampproject.org
cdn.speedcurve.com
cdn.xgqfrms.xyz
fonts.googleapis.com
fonts.gstatic.com
s05.flagcounter.com
ssl.google-analytics.com
www.google-analytics.com
www.xgqfrms.xyz
151.101.2.217
2600:1901:0:742::
2606:4700:3036::ac43:df9e
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::200e
66.154.110.218
02fd42c624f0af30f030fbae29c0d398289d5446ab375c42cda1970df904f22e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2d853e6b5d57321d3b9dd85bbc3afcec0f3f89b8e5e630cda4f1a6034ed3cc56
2fa0573850512ff810d96a034c2b199fc696cf2946ec91e013505a2b56bf6bd1
38c24194e26fb2c75977a09ce8385a8a8a56f2b01520554f7b8c165093e361ee
4337e08b3b56c34322b374766dc1df3e293dade805425ba5980c9f0c8284ebf1
50e04910e88a5794f1913be2678b3e52e88c58fe8eea94abaf7fbdf5ccca4428
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63ddf585f96d456d0e91d248d210d8acb4813fd60cbe0ed557b74b770b2076cf
65450264b7e415e928ad0901e0f3f3d498da73ee872782f45a95ff2f92dc98ec
6bcb0b26c3cf3602feed634aec703ce4e8433da448bc01d60be783d066858c5b
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6cff14c51fafdc13a30bce3f6bebaf7c2e64a3f316c869b66459a9bb3f989003
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
808edcde1c3fbf3b12d053b285b7456b09524ed00e06a7f8e86a637ca0927a5f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873590343c34be6a11c63393447d8ca8494263eadc650e6f5f46e5b1541c1207
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
945de24b9f67ef6e2a971867bc8c251141c8f36d193f0145f5787e42cd7a7c9c
978eb627d3964420e1b3d31fea6d3696a08eff48442a6e5189fe76f39005a50f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4d9df0006d0a92396dde1aa67e28806a2656f31d0ae27d1dc458401e78bafec
af01f23413b5533c1b5a1c400e3076726312db3cb2fe0a48d3dbdb5f2b4cd231
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
bc7ee2aa402ed7fee29e7309da565399c223321056676f10938ddcda4e1902bb
cc05deb16561331001daa8e140f96f0d12ae6c3388c0add2e226c6376930bc32
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
eb0ee940fa4feb2f463a553369b5f8c9e0f226c702a2cf5f66648792a9c4ed69
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f5b3a9f2c52fcf7b954e71212ea0fcdd98b4159dfa82e7310458b4573d1e554e
f702408df1648c776698f7dadf4bd24a8b38a51e7814cbcc7c0a0cb6943131da
f9ce96c439190261189c0295a8794da58a974ab31da64f948913abcb4298a9ab