hax.apiku.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hax.apiku.workers.dev/
Submission: On December 30 via api (December 30th 2024, 6:46:39 pm UTC) from US — Scanned from NL

Summary HTTP 37 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 37 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is hax.apiku.workers.dev.
TLS certificate: Issued by WE1 on November 9th 2024. Valid for: 3 months.

This is the only time hax.apiku.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
10	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:200... 2a04:4e42:200::591	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
37	12

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

hax.apiku.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

hax.apiku.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::591 (United States)

ASN54113 (FASTLY, US)

brick.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www3.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	workers.dev hax.apiku.workers.dev	194 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	301 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
3	fastly.net brick.freetls.fastly.net — Cisco Umbrella Rank: 152767	606 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	246 KB
2	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 marketingplatform.google.com — Cisco Umbrella Rank: 9430	11 KB
1	doubleclick.net 1 redirects www3.doubleclick.net — Cisco Umbrella Rank: 11065	272 B
37	8

	Domain	Requested by
12	hax.apiku.workers.dev	hax.apiku.workers.dev
10	pagead2.googlesyndication.com	hax.apiku.workers.dev pagead2.googlesyndication.com
3	brick.freetls.fastly.net	hax.apiku.workers.dev brick.freetls.fastly.net
3	www.googletagmanager.com	hax.apiku.workers.dev www.googletagmanager.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	marketingplatform.google.com
1	www3.doubleclick.net	1 redirects
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fundingchoicesmessages.google.com	hax.apiku.workers.dev
37	11

This site contains links to these domains. Also see Links.

Domain
asiavm.net
woiden.id
ssh.hax.apiku.workers.dev
ftp.hax.apiku.workers.dev
t.me
wiki.hax.apiku.workers.dev
stats.uptimerobot.com

Subject Issuer	Validity	Valid
apiku.workers.dev WE1	`2024-11-09` - `2025-02-07`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-09-11` - `2025-10-13`	a year	crt.sh
adtrafficquality.google WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://hax.apiku.workers.dev/
Frame ID: 2C83898AE3AA9FCA107F79BC412850FC
Requests: 31 HTTP requests in this frame

Frame: https://hax.apiku.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: B7F91DD0B9B74DD54F068942B4CDDA2F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: A016708D00F7E3E23CD9707D9753485C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7588871336474804&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735584394&plat=3%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fhax.apiku.workers.dev%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735584394517&bpp=5&bdt=1487&idt=164&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2993077790484&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088670%2C31089326%2C31089329%2C95330279%2C95345966&oid=2&pvsid=1327727649578173&tmod=1929989347&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=193
Frame ID: 82136DBCF8E14B2D0922C632B05DEEF5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8979619446781272&output=html&h=90&slotname=8981212333&adk=385455928&adf=854766408&pi=t.ma~as.8981212333&w=728&abgtt=6&lmt=1735584394&format=728x90&url=https%3A%2F%2Fhax.apiku.workers.dev%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735584394522&bpp=1&bdt=1492&idt=211&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2993077790484&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088670%2C31089326%2C31089329%2C95330279%2C95345966&oid=2&pvsid=1327727649578173&tmod=1929989347&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=224
Frame ID: 3855734DBA5BD1F5F5B281F08770CD27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7588871336474804&output=html&h=280&slotname=9881264767&adk=2255045046&adf=3610118697&pi=t.ma~as.9881264767&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1735584394&rafmt=1&format=1110x280&url=https%3A%2F%2Fhax.apiku.workers.dev%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735584394523&bpp=1&bdt=1494&idt=238&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2993077790484&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088670%2C31089326%2C31089329%2C95330279%2C95345966&oid=2&pvsid=1327727649578173&tmod=1929989347&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=241
Frame ID: 4A3FCCEE4E166E563535CEFFE717ED86
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 2F2131F6A67AF1D41D212ACECB1A9689
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IPv6 VPS - Linux VM for Everyone - Hax.co.id

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

95 %
HTTPS

75 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

1399 kB
Transfer

3237 kB
Size

5
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://asiavm.net/nat-vps/
Title: Buy VPS

Search URL Search Domain Scan URL

URL: https://woiden.id/
Title: Woiden IPv6 VPS

Search URL Search Domain Scan URL

URL: https://ssh.hax.apiku.workers.dev/
Title: WebBase - SSH Client

Search URL Search Domain Scan URL

URL: https://ftp.hax.apiku.workers.dev/
Title: WebBase - FTP Client

Search URL Search Domain Scan URL

URL: https://t.me/ipv6server/
Title: Telegram Group

Search URL Search Domain Scan URL

URL: https://t.me/haxserver
Title: Telegram Channel

Search URL Search Domain Scan URL

URL: https://t.me/ipv6server
Title: Join our Telegram Group

Search URL Search Domain Scan URL

URL: https://wiki.hax.apiku.workers.dev/ipv6-servers/how-to-create-a-free-vps/
Title: How to Create a Free VPS

Search URL Search Domain Scan URL

URL: https://wiki.hax.apiku.workers.dev/ipv6-servers/how-to-connect-to-ipv6-vps/
Title: How do I connect to IPv6 Server?

Search URL Search Domain Scan URL

URL: https://wiki.hax.apiku.workers.dev/
Title: More tutorials about IPv6 VPS

Search URL Search Domain Scan URL

URL: https://stats.uptimerobot.com/p60PXiQv82
Title: Uptime Robot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www3.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hax.apiku.workers.dev/ 17 KB
5 KB 1135ms
735ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44d95b13bf8e6e633af3fb722c59812addd561a8fde958e5a1f433dd253b92d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8fa43173ca46258a-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 30 Dec 2024 18:46:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache, no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rQ0u5ui9JB2AO7ZoZmprhjYHFnJbDBpfZXsACqiiICmbpElB4mfh10ZglO09xCoFg1RYyI4nTqBG2GvYYB7YehuRCnhvmftoWy7lHNkDsmtquFBFKkUBh29b04FbqdLoyOaV83WtXkZj%2FIiC3xgANEg%2FcQE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=63849&min_rtt=37553&rtt_var=30052&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3943&recv_bytes=2294&delivery_rate=79359&cwnd=243&unsent_bytes=0&cid=5042866512a45a90&ts=767&x=0"
vary: Accept-Encoding,User-Agent

GET
H3 200 robust.css
hax.apiku.workers.dev/dist/css/ 248 KB
39 KB 998ms
995ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/css/robust.css
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61e7ec4484d4ed6f7a3082b5005879f1ba40aaf51c4b8ab9397c5600519e66d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8NAwj0fEDQJb%2BMI9lxQiQxY%2FLe13D02l19xn1rNo3rTHmmtPtq8OdJrrl0IqEY%2FVideW80gS1fYpNqOlK%2F4q0cGirnJD5i0AdA%2BFA1DAgzZJaDGkaSM9hEp4WOMYO8JDTXXbvsaAHM%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 1 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38599&min_rtt=14832&rtt_var=12862&sent=64&recv=39&lost=2&retrans=4&sent_bytes=47962&recv_bytes=15015&delivery_rate=479601&cwnd=10800&unsent_bytes=0&cid=a81b0095f350f621&ts=2126&x=1", cfExtPri, cfHdrFlush;dur=3
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/css
vary: Accept-Encoding,User-Agent
priority: u=0,i=?0
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8fa43178ad23b987-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38996
server: cloudflare

GET
H3 200 jquery.js Show response
hax.apiku.workers.dev/dist/js/ 87 KB
31 KB 910ms
903ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/js/jquery.js
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqVPHWCCrkPDcfU%2FQeWDK0hfvALklzp3Ji411554lcKp2YCa4WIFc2%2FU%2BHOaSQhj5bRAsX3iHZqp0bcbzor8477WNZrar0M77bJSZCvG2GqWBCovBELtC3A4uMROFROPLY6AmdAa%2Fmc%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 1 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20258&min_rtt=14832&rtt_var=6454&sent=33&recv=28&lost=2&retrans=4&sent_bytes=11962&recv_bytes=14541&delivery_rate=2342&cwnd=8400&unsent_bytes=0&cid=a81b0095f350f621&ts=2018&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 18:46:33 GMT
content-type: application/javascript
vary: Accept-Encoding,User-Agent
priority: u=1,i=?0
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8fa43178ad2ab987-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30910
server: cloudflare

GET
H2 200 pub-7588871336474804 Show response
fundingchoicesmessages.google.com/i/ 25 KB
11 KB 190ms
59ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-7588871336474804?ers=1

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f95980d70b0539b4cbc5a4518e2e1c26f0cd879d975b6d7a1b8d6645f5747288

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2PocOmos_xF-T_qfyV69ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_FwdF09vZtN4MDLI8sZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAJ_vRd0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2PocOmos_xF-T_qfyV69ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 157ms
86ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7588871336474804

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

11c31679277bcb5aace1417f25154c058549adda0dde4c18152775a2b8199f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
etag: 17132380778266205483
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53306
x-xss-protection: 0
server: cafe

GET
H3 404 ajax.js
hax.apiku.workers.dev/dist/js/ 0
0 809ms
799ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/js/ajax.js
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIbXtsVPr%2BGZYbFVALiQ%2Fj%2B5EYz6p%2Fp8XqjeWH9KwxcEN0P2Eo%2B%2BP6h87fNR76XkLVfxRIJasjjyLTyCgcZ4l3dpqmvdpMMvblSlVf2SsJoaiLe%2B0Z%2BkArOsefwrIdT2A77NIKkIQtc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fa43178ad33b987-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19443&min_rtt=14832&rtt_var=8582&sent=31&recv=24&lost=2&retrans=4&sent_bytes=10714&recv_bytes=14368&delivery_rate=473&cwnd=8400&unsent_bytes=0&cid=a81b0095f350f621&ts=1946&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 30 Dec 2024 18:46:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 127ms
56ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8979619446781272

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

79801117094eeec683e204468af1f99b2c91e30701f5bba6b9b3adb8e250d119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
etag: 17889275858002284086
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53310
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 118ms
48ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1105901122891748

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

806736d569e3354c45151d27b588be848df00d57a55ec1a8488b2bc04d7d2111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
etag: 10290662653701388586
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53304
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
81 KB 123ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179253361-1

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7f55025515d895ef01eb2460692f639faa94fe87a70f59bd194165479635084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 30 Dec 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81739
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 dfp.min.js Show response
hax.apiku.workers.dev/dist/js/ 114 B
804 B 800ms
790ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/js/dfp.min.js
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb123edfe4ebe8d57f2384ac69a82fbdc90a9c1c1cda81542ce5dbf87fd1c83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nF4xYedzDE4D5WGcdX%2Bw2vUf2YicUgyInjtmMf24SkTfFJ8db9s6bCGqjii1dZ%2FTdrHyIFn3EiwbyMfnVNnDw4aJD2hg05WY6NjvIg34iGJ2C34Itu%2BnZ2LExaAS65UQDRnTU7GUSlY%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 1 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19443&min_rtt=14832&rtt_var=8582&sent=28&recv=24&lost=2&retrans=4&sent_bytes=9238&recv_bytes=14368&delivery_rate=473&cwnd=8400&unsent_bytes=0&cid=a81b0095f350f621&ts=1936&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 18:46:33 GMT
content-type: application/javascript
vary: Accept-Encoding,User-Agent
priority: u=1,i=?0
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8fa43178ad35b987-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119
server: cloudflare

GET
H3 404 vpn.js
hax.apiku.workers.dev/dist/js/ 0
0 821ms
810ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/js/vpn.js
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ED06bKOc7JBQfCXPAiMxpgN7Jsbnk0I6cj52eUV3iSGmNiATRhH4P28Hsx7XOcGZgIPsDu79cq4tRbSYfdMofow5BCsABwGZRzr8RUCLDxSuM494zfj2CjLNld3KebO%2BWjZg1pTsz5s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fa43178ad36b987-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19383&min_rtt=14832&rtt_var=6323&sent=32&recv=26&lost=2&retrans=4&sent_bytes=11343&recv_bytes=14454&delivery_rate=3640&cwnd=8400&unsent_bytes=0&cid=a81b0095f350f621&ts=1957&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 30 Dec 2024 18:46:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H3 404 api.js
hax.apiku.workers.dev/dist/js/ 0
0 804ms
792ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/js/api.js
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GMtRUrbJRvNiENHmnVJoytmmXojsYxqaPwhqQwo0jXTw4qRJjb6Atnu8CBtScx%2Fo%2BurPYpLGTQWfX%2FInUff4wMU4i6uXH%2FI635lg7KMTL%2Ftle2vgRMusalBey5ZF07Hq0bUCZgUo9Fg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fa43178ad3eb987-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19443&min_rtt=14832&rtt_var=8582&sent=30&recv=24&lost=2&retrans=4&sent_bytes=10089&recv_bytes=14368&delivery_rate=473&cwnd=8400&unsent_bytes=0&cid=a81b0095f350f621&ts=1938&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 30 Dec 2024 18:46:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H3 200 bootstrap.js Show response
hax.apiku.workers.dev/dist/js/ 3 KB
2 KB 793ms
782ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/js/bootstrap.js
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d622190c469b5540a56cb63f7758c322e0627f7de7f7b74d8e107ae9fb7e5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCUSChBPfn%2F7j3ZA6SGF0Z1OP0D36meQiay46MEyvjPE1j3A%2B8DJbgOlVrc1IZhlxUkXPLrlkJflbNrtFjTLRGsyDuNSmbs%2BJ8jeNqyVfOJ6Dqerun6NPKcee%2BaUMXzeP0klHuzwLEM%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 1 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19443&min_rtt=14832&rtt_var=8582&sent=26&recv=24&lost=2&retrans=4&sent_bytes=7218&recv_bytes=14368&delivery_rate=473&cwnd=8400&unsent_bytes=0&cid=a81b0095f350f621&ts=1931&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 18:46:33 GMT
content-type: application/javascript
vary: Accept-Encoding,User-Agent
priority: u=1,i=?0
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8fa43178ad3fb987-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1246
server: cloudflare

GET
H3 200 bundle.js Show response
hax.apiku.workers.dev/dist/js/ 209 KB
64 KB 977ms
966ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/js/bundle.js
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88fce4bfa19cea2addfa7febfb18efd8a50cdf08a4216bf08f2ec947bf0c3ea0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smiN79V%2Blfu5qQVfLmF%2BvsN6H52LiNTRx%2BeHymOQVffcMGQM0eDzpYNmpRlT8tPvnGxIWvhWWDeHBQ4JRitiM89QljIUU%2B2UZ1SUGxOKZ14buB7bNCJHVZl7RJ93AFnSTXB5ZaBbGAY%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 1 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38599&min_rtt=14832&rtt_var=12862&sent=60&recv=39&lost=2&retrans=4&sent_bytes=44252&recv_bytes=15015&delivery_rate=479601&cwnd=10800&unsent_bytes=0&cid=a81b0095f350f621&ts=2115&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: application/javascript
vary: Accept-Encoding,User-Agent
priority: u=1,i=?0
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8fa43178ad42b987-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Lato:400,400i,600,700
brick.freetls.fastly.net/ 626 B
485 B 104ms
24ms Stylesheet
text/css 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://brick.freetls.fastly.net/Lato:400,400i,600,700

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/dist/css/robust.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Brick /

Resource Hash

b26812fac290a6b49f850e4a0e6b468aab81d8f9c10f3c49c0c93f121438af05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
age: 1776442
x-content-type-options: nosniff
expires: Thu, 09 Jan 2025 15:19:11 UTC
x-cache: HIT
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/css
last-modified: Fri, 05 Jan 2024 19:12:42 UTC
x-cache-hits: 0
x-served-by: cache-ams21082-AMS
vary: Accept-Encoding
cache-control: public, max-age=2628000
pragma: Public
x-timer: S1735584394.270485,VS0,VE2
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 197
server: Brick

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
70 KB 148ms
67ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8XJWPVZ

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b7c0266cccbba878a00db276b63d911e7ca1f1ad8b824fbe0d37470ed2ce4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 30 Dec 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 70914
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
0 144ms
144ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7588871336474804

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

11c31679277bcb5aace1417f25154c058549adda0dde4c18152775a2b8199f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
etag: 17132380778266205483
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53306
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
0 111ms
111ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8979619446781272

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

79801117094eeec683e204468af1f99b2c91e30701f5bba6b9b3adb8e250d119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
etag: 17889275858002284086
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53310
x-xss-protection: 0
server: cafe

GET
H2 200 700.woff
brick.freetls.fastly.net/fonts/lato/ 302 KB
303 KB 321ms
34ms Font
application/font-woff 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://brick.freetls.fastly.net/fonts/lato/700.woff
Requested by: Host: brick.freetls.fastly.net
URL: https://brick.freetls.fastly.net/Lato:400,400i,600,700
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e56b17d142eb366c8007031d14e34da48c70b4a9d9a0ca492e696a7bae45e1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://brick.freetls.fastly.net/Lato:400,400i,600,700

Response headers

etag: "65985402-4b9e0"
age: 30852
x-timer: S1735584395.642449,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 309728
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: application/font-woff
last-modified: Fri, 05 Jan 2024 19:09:54 GMT
server: nginx
x-cache-hits: 0
x-served-by: cache-ams21047-AMS

GET
H2 200 400.woff
brick.freetls.fastly.net/fonts/lato/ 302 KB
302 KB 320ms
34ms Font
application/font-woff 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://brick.freetls.fastly.net/fonts/lato/400.woff
Requested by: Host: brick.freetls.fastly.net
URL: https://brick.freetls.fastly.net/Lato:400,400i,600,700
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b9025dda4d7688e3311b0c17eddc501133b807def33effaef6593843cf5416e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://brick.freetls.fastly.net/Lato:400,400i,600,700

Response headers

etag: "65985402-4b7c8"
age: 40092
x-timer: S1735584395.642446,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 309192
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: application/font-woff
last-modified: Fri, 05 Jan 2024 19:09:54 GMT
server: nginx
x-cache-hits: 0
x-served-by: cache-ams21047-AMS

GET
H3 200 fa-solid-900.woff2
hax.apiku.workers.dev/dist/fonts/ 49 KB
50 KB 737ms
737ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hax.apiku.workers.dev/dist/fonts/fa-solid-900.woff2
Requested by: Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/dist/css/robust.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hax.apiku.workers.dev
Referer: https://hax.apiku.workers.dev/dist/css/robust.css

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
etag: "c4d4-6041fa3828080-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o69HAZm%2BYTKhQ0mULJfQwYZqbloZwkSjF56%2BtAXNd5KXagVa5U85HC8hrrW59Swd3pr7lwi7s4Ktg4qco0Vzrzutab9MxAAu9GHVlZRVvuMIFU7wYu4LiEemPREzG7enaLmoukB7anc%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26573&min_rtt=14832&rtt_var=4518&sent=167&recv=78&lost=7&retrans=9&sent_bytes=164144&recv_bytes=17366&delivery_rate=86139&cwnd=12000&unsent_bytes=0&cid=a81b0095f350f621&ts=3130&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 18:46:35 GMT
last-modified: Wed, 30 Aug 2023 08:23:14 GMT
vary: Accept-Encoding,User-Agent
priority: u=0,i=?0
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8fa43180bcf0b987-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50355
server: cloudflare

GET
H3 404 main.js
hax.apiku.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/ Frame B7F9 0
0 33ms
30ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hax.apiku.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Host: hax.apiku.workers.dev
URL: https://hax.apiku.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyEiMe8rzb%2Bl%2BmYAX%2F6Zka7AU%2B16WgIx6ptMUQAYJv7FeFDBqNmGHrixsQ4KDjI8eVj2UTrl1IrzVr3%2FOsvjn%2BdZiZqUSjqTDj%2FOHokEO1hY04aHxMEXrLseftPnDCfnYZuojuHAr94%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8fa43180ed29b987-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26474&min_rtt=14832&rtt_var=5759&sent=161&recv=77&lost=7&retrans=9&sent_bytes=158403&recv_bytes=17321&delivery_rate=155502&cwnd=12000&unsent_bytes=0&cid=a81b0095f350f621&ts=2491&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0
x-frame-options: SAMEORIGIN

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 435 KB
145 KB 74ms
73ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7588871336474804&plah=hax.apiku.workers.dev

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1105901122891748

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

393ae4264dc23bb0c2c4fb5dda0df3c6c72e6df08f928d6975fef44ce82aaac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
etag: 14899769081775907150
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147910
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
96 KB 58ms
49ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MK6PLQ755F&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179253361-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

468bf162f8f42b13097b9d51f96d3e501f6d3ca5a28d1e56d7649f81806fb27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 30 Dec 2024 18:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98296
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 135ms
43ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179253361-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
age: 309
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 20:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241212/r20190131/ Frame A016 0
0 162ms
26ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7588871336474804&plah=hax.apiku.workers.dev

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hax.apiku.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 29796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 10:29:58 GMT
etag: 17661348622971093804
expires: Mon, 13 Jan 2025 10:29:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 8213 0
0 295ms
181ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7588871336474804&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735584394&plat=3%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fhax.apiku.workers.dev%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735584394517&bpp=5&bdt=1487&idt=164&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2993077790484&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088670%2C31089326%2C31089329%2C95330279%2C95345966&oid=2&pvsid=1327727649578173&tmod=1929989347&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=193

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hax.apiku.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 18:46:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 3855 0
0 180ms
173ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8979619446781272&output=html&h=90&slotname=8981212333&adk=385455928&adf=854766408&pi=t.ma~as.8981212333&w=728&abgtt=6&lmt=1735584394&format=728x90&url=https%3A%2F%2Fhax.apiku.workers.dev%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735584394522&bpp=1&bdt=1492&idt=211&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2993077790484&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088670%2C31089326%2C31089329%2C95330279%2C95345966&oid=2&pvsid=1327727649578173&tmod=1929989347&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=224

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hax.apiku.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 18:46:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 4A3F 0
0 167ms
158ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7588871336474804&output=html&h=280&slotname=9881264767&adk=2255045046&adf=3610118697&pi=t.ma~as.9881264767&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1735584394&rafmt=1&format=1110x280&url=https%3A%2F%2Fhax.apiku.workers.dev%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735584394523&bpp=1&bdt=1494&idt=238&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2993077790484&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088670%2C31089326%2C31089329%2C95330279%2C95345966&oid=2&pvsid=1327727649578173&tmod=1929989347&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hax.apiku.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 18:46:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 213ms
131ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MK6PLQ755F&gtm=45je4cc1v9111543236za200&_p=1735584394303&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1503937076.1735584395&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1735584394&sct=1&seg=0&dl=https%3A%2F%2Fhax.apiku.workers.dev%2F&dt=IPv6%20VPS%20-%20Linux%20VM%20for%20Everyone%20-%20Hax.co.id&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2940
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MK6PLQ755F&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://hax.apiku.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:46:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
424 B 89ms
85ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1964310593&t=pageview&_s=1&dl=https%3A%2F%2Fhax.apiku.workers.dev%2F&ul=nl-nl&de=UTF-8&dt=IPv6%20VPS%20-%20Linux%20VM%20for%20Everyone%20-%20Hax.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=968097409&gjid=913615605&cid=1503937076.1735584395&tid=UA-179253361-1&_gid=246157.1735584395&_r=1&gtm=457e4cc1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&npa=1&z=116249078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hax.apiku.workers.dev/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:46:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://hax.apiku.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 160ms
37ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2ffc4a82a453d4157d3f9bc1104ace2a9c6ba1adad2f60c3f572e1deb8f95b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13237
date: Mon, 30 Dec 2024 18:46:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 403 favicon.png
hax.apiku.workers.dev/img/ 4 KB
2 KB 45ms
45ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hax.apiku.workers.dev/img/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd09accf24f22c2e89352bcf3aeea346050c30ca85633dbf033494e20e06d13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xiPu%2FtwDPiRhqRAKX%2BI2OHctK0GMY2hRJoN0u%2F1aZAwV3r8fMkVyzDg8WdwSO3i%2BsPWnxupSJIug9AlsDJ%2BerrzFEm1DYGkpfzJ4CYFn5e9Vscm9kkd6kJIg%2BCVkr9zR1wI%2BZv4ODHI%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40644&min_rtt=14832&rtt_var=27458&sent=213&recv=86&lost=7&retrans=9&sent_bytes=216390&recv_bytes=18179&delivery_rate=227131&cwnd=15600&unsent_bytes=0&cid=a81b0095f350f621&ts=3662&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 18:46:35 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8fa431882ac5b987-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 103ms
36ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 18:46:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 18:46:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://www3.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

185ms
72ms

Fetch
text/html

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Protocol: H2
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hax.apiku.workers.dev/

Response headers

Redirect headers

cache-control: public, max-age=1800
location: https://marketingplatform.google.com/about/enterprise/
age: 493
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 19:08:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
date: Mon, 30 Dec 2024 18:38:22 GMT
content-type: text/html; charset=UTF-8
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 2F21 0
0 182ms
81ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hax.apiku.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 18:33:14 GMT
expires: Mon, 30 Dec 2024 19:23:14 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=1327727649578173&bg=!qqmlqebNAAbtGp3CzRo7ADQBe5WfON-VLHEgp5tSZ4-2o6slKDhLO2hpGw6rCbKI4aUFfmUSuMVF2Sru0DLs-xg9UrDAAgAAADhSAAAAA2gBB34ANj2m-SExse69Mpsd-cFDQKFw33bxsHyfLJMgfcHgiGsuk55y5NLhgUp2xRQBdKNleoe4Jy4RzwoAeLxl7mMzFgaguTcRV-LOwhn4qr3OMRRCRsATQ4HWbIRXZcs-hARwa1irVWaeGjYTS1QiUPJfAzQE9wMyydQp91uHSl3NJ59ec2vlk96XJI6a7PFb4oECpdK29KEDJeSsvFlZ1hE-Lq4FsD7LinSb0I0gbKxkfMQ5M5kClbHyZIRPjN9r8c-qYi8MyAV3DirP2fCElvD20H9LPr92aZ7eB9u43FToQ2-JrpMIoywSx4yggeQ2QL_dIplYRXAyZoGG5JeZy4_NfneIVOXe9Rq4YHYDGwVjLZ7EvmnVkikSksoUd_oGatM6OjqZ-iZIYkQwhww4CTqSktNrKsrduIBYhGTDHdGe5a2w_4HH8K45KO51w8modsW6u5ARYR9ZmNt5ZjC0gwc2osGrqYXoIW0fHrF7uU7QLNWqrbUCcBITN84ZK1J_GA9LxvffzcK1aLTUuaKYxUjSU2LR2Yw63-cQZ_uAaj0FYIT9AcwrgfhoAtlSBNn96OINner4H89U2uhTPUlNWgbONb58uQ1_KJFYmUDjIJLOMlqV2CPnfCKpsXwuIVTjtksAMHcMyd1K1Z5ugiUFJsKLigN9drCGbXFI4IwW3HMSCgp8i4MJsa9ydr7QkslDN1ovEZrkeWpmrvpS9OaRkQ1oeYKyZqrvy9PCdPRjYphQkOkbLf22NjQnvSRSPuMBAUhpOzQS7RHDfRfpmhyftKicCUaLE4mlyu23ZHRHdDqNCyaSTWv5GqLVPcsBzfZNfkyLLD-O3QsA8KZyJoibLL72HOgSb7W6SyMv-DL3f6Hg3i3-BUgrtWYoFAnGH7qhCWFAjEEOpcAetR_qmQWDDGrs7PA8hUf_3OKguZsRv1UmgFIGRThRq7_caKIvpefVQfvEN4gG9dBZS8gOlEdtczN0T_H0U2Wc5Lf-VnL_MLBF8VWDCn4wIVHXm-MBkAiH8eROKQ-uNa3tPYCRrm2nvZWcjr-b83ZJAeomjq4gGrlk7tz1zCp4XIzQPXQrhxKfmNUDkoxwZGPiYhMaMX7gXHj7svCC9QXx78t_HIE

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hax.apiku.workers.dev/	1970-01-21 02:50:12	Name: PHPSESSID Value: b4a3cde90ae60d33575e4b56e84029c7
.apiku.workers.dev/	1970-01-21 11:42:24	Name: _ga_MK6PLQ755F Value: GS1.1.1735584394.1.0.1735584394.0.0.0
.apiku.workers.dev/	1970-01-21 11:42:24	Name: _ga Value: GA1.3.1503937076.1735584395
.apiku.workers.dev/	1970-01-21 02:07:50	Name: _gid Value: GA1.3.246157.1735584395
.apiku.workers.dev/	1970-01-21 02:06:24	Name: _gat_gtag_UA_179253361_1 Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hax.apiku.workers.dev/dist/js/api.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hax.apiku.workers.dev/dist/js/ajax.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hax.apiku.workers.dev/dist/js/vpn.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hax.apiku.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hax.apiku.workers.dev/img/favicon.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brick.freetls.fastly.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
hax.apiku.workers.dev
marketingplatform.google.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www3.doubleclick.net
ep1.adtrafficquality.google
188.114.96.3
2001:4860:4802:32::36
216.58.206.34
216.58.212.130
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:830::2001
2a04:4e42:200::591
2a06:98c1:3121::3
0e56b17d142eb366c8007031d14e34da48c70b4a9d9a0ca492e696a7bae45e1e
11c31679277bcb5aace1417f25154c058549adda0dde4c18152775a2b8199f2a
1fb123edfe4ebe8d57f2384ac69a82fbdc90a9c1c1cda81542ce5dbf87fd1c83
2ffc4a82a453d4157d3f9bc1104ace2a9c6ba1adad2f60c3f572e1deb8f95b7f
393ae4264dc23bb0c2c4fb5dda0df3c6c72e6df08f928d6975fef44ce82aaac7
468bf162f8f42b13097b9d51f96d3e501f6d3ca5a28d1e56d7649f81806fb27b
5b9025dda4d7688e3311b0c17eddc501133b807def33effaef6593843cf5416e
61e7ec4484d4ed6f7a3082b5005879f1ba40aaf51c4b8ab9397c5600519e66d7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79801117094eeec683e204468af1f99b2c91e30701f5bba6b9b3adb8e250d119
7b7c0266cccbba878a00db276b63d911e7ca1f1ad8b824fbe0d37470ed2ce4e4
806736d569e3354c45151d27b588be848df00d57a55ec1a8488b2bc04d7d2111
88fce4bfa19cea2addfa7febfb18efd8a50cdf08a4216bf08f2ec947bf0c3ea0
b26812fac290a6b49f850e4a0e6b468aab81d8f9c10f3c49c0c93f121438af05
b44d95b13bf8e6e633af3fb722c59812addd561a8fde958e5a1f433dd253b92d
d7f55025515d895ef01eb2460692f639faa94fe87a70f59bd194165479635084
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef
e3d622190c469b5540a56cb63f7758c322e0627f7de7f7b74d8e107ae9fb7e5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f95980d70b0539b4cbc5a4518e2e1c26f0cd879d975b6d7a1b8d6645f5747288
fdd09accf24f22c2e89352bcf3aeea346050c30ca85633dbf033494e20e06d13
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

hax.apiku.workers.dev Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

95 %HTTPS

75 %IPv6

8 Domains

11 Subdomains

12 IPs

3 Countries

1399 kBTransfer

3237 kBSize

5 Cookies

11 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hax.apiku.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

95 %
HTTPS

75 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

1399 kB
Transfer

3237 kB
Size

5
Cookies

37 HTTP transactions
0 data transactions