m.ojdrw.com Open in urlscan Pro
2606:4700:3032::6815:2d2e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.ojdrw.com/list_xpt4sa5dqys.html
Submission: On September 01 via api (September 1st 2023, 1:21:52 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3032::6815:2d2e, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.ojdrw.com.
TLS certificate: Issued by GTS CA 1P5 on July 30th 2023. Valid for: 3 months.

This is the only time m.ojdrw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3032::6815:2d2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:616c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:3c00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	2606:4700:10:... 2606:4700:10::6816:1c9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	8

2 2606:4700:3032::6815:2d2e (United States)

ASN13335 (CLOUDFLARENET, US)

m.ojdrw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:616c (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3c00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.haha888.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1c9d (United States)

ASN13335 (CLOUDFLARENET, US)

ljcdn.pic-726-baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	pic-726-baidu.com ljcdn.pic-726-baidu.com — Cisco Umbrella Rank: 513162	2 MB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	855 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	42 KB
6	haha888.xyz www.haha888.xyz	212 KB
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 10892 in.getclicky.com — Cisco Umbrella Rank: 9292	6 KB
2	ojdrw.com m.ojdrw.com	2 KB
1	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 17596
48	7

	Domain	Requested by
15	ljcdn.pic-726-baidu.com	www.haha888.xyz
12	www.googletagmanager.com	m.ojdrw.com www.googletagmanager.com www.haha888.xyz
6	www.haha888.xyz	m.ojdrw.com www.haha888.xyz
5	region1.google-analytics.com	www.googletagmanager.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	m.ojdrw.com	m.ojdrw.com
1	in.getclicky.com	static.getclicky.com
1	cdn.matomo.cloud	m.ojdrw.com
1	static.getclicky.com	m.ojdrw.com
48	9

This site contains links to these domains. Also see Links.

Domain
wwv.nji20.xyz

Subject Issuer	Validity	Valid
ojdrw.com GTS CA 1P5	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.getclicky.com E1	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
haha888.xyz GTS CA 1P5	`2023-08-30` - `2023-11-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-27` - `2024-01-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://m.ojdrw.com/list_xpt4sa5dqys.html
Frame ID: 2CA86D8E67D7D909A057C923AE2C2CF3
Requests: 24 HTTP requests in this frame

Frame: https://www.haha888.xyz/
Frame ID: C52BBC328B9B4ADF8146627002E3549D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

m.ojdrw.com

Detected technologies

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

48
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

3045 kB
Transfer

5202 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wwv.nji20.xyz/bbs.php
Title: 地址一

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request list_xpt4sa5dqys.html Show response
m.ojdrw.com/ 3 KB
1 KB 587ms
395ms Document
text/html 2606:4700:3032::6815:2d2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.ojdrw.com/list_xpt4sa5dqys.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2d2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 604c89f82e35a5ea7d9b78f9d0763335dcd85f8f72c77b1d455cf151555ec23d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ffdd1702a061db0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Sep 2023 13:21:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hCQ3sGL7ojGPPci%2B2prPRYmf4PGZh7Otx43PX7gHuHHUrncXbQrLbppbkwYQTCrg%2FLSV0solEF755VFIpz1CQYjV7%2FiphAi5IxrTx1OU8RkOC8NKVX8SFPlMOHgUkCtPfIsU4hEtM34%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.1.33

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
5 KB 53ms
24ms Script
text/javascript 2606:4700::6811:616c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: m.ojdrw.com
URL: https://m.ojdrw.com/list_xpt4sa5dqys.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3847d6f53d97dd5ab54a4e0fef81f1c82bcd95df0621b6abe81a1942a7fa555

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 06 Sep 2023 00:52:48 GMT
date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Aug 2023 00:52:48 GMT
server: cloudflare
age: 217727
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7ffdd172dd545b44-FRA
alt-svc: h3=":443"; ma=86400
x-proxy-cache: EXPIRED

GET
H2 200 1.js Show response
m.ojdrw.com/1024/ 1 KB
831 B 395ms
394ms Script
application/javascript 2606:4700:3032::6815:2d2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.ojdrw.com/1024/1.js?32223
Requested by: Host: m.ojdrw.com
URL: https://m.ojdrw.com/list_xpt4sa5dqys.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2d2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c617eeaa06f3e9fcdbcdbe6942c6a6c99e17ea867cbd8dc2ac10d5310f66a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 18 Feb 2023 03:46:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f04a1b-496"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2Udon1JTlS8OcmAQSk1%2B3%2Fsudg4njYNJYTt8I8CJvHG3ixonEL0Q6RgTzCf2aezaRYlZkbW1tTECQ8M6gNuf%2FTKAcXraqYo6Yyl9GUIGAUFKGsyIP5WOUagDDFAc4vudPmD2yXdJTGf3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ffdd172adbc1db0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122681550-4

Requested by

Host: m.ojdrw.com
URL: https://m.ojdrw.com/list_xpt4sa5dqys.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35a1f7b7e40cce7e8ea9ab8caf17da5a31e577e85e2c403ace5bf6899ed4191b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66653
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H2 403 matomo.js
cdn.matomo.cloud/ghuruii.matomo.cloud/ 0
0 56ms
29ms Script
application/xml 2600:9000:223f:3c00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/ghuruii.matomo.cloud/matomo.js
Requested by: Host: m.ojdrw.com
URL: https://m.ojdrw.com/list_xpt4sa5dqys.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 in.php Show response
in.getclicky.com/ 171 B
328 B 180ms
171ms Script
text/javascript 2606:4700::6811:616c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101417154&type=pageview&href=%2Flist_xpt4sa5dqys.html&title=m.ojdrw.com&res=1600x1200&lang=en-US&tz=Europe%2FBerlin&tc=&ck=1&mime=js&x=0.6779840153446679
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716e2939c73a8654092168134806f535b0c1c7d53aa689c65519e7e032ab6eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ffdd1746ea35b44-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122681550-11

Requested by

Host: m.ojdrw.com
URL: https://m.ojdrw.com/1024/1.js?32223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24479cb4446a3d0cffeb17b33ae39ec2dcc7578824c17f28148449d986ee649a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66573
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H2 200 / Show response
www.haha888.xyz/ Frame C52B 45 KB
8 KB 89ms
42ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haha888.xyz/
Requested by: Host: m.ojdrw.com
URL: https://m.ojdrw.com/1024/1.js?32223
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dafcf31a3b5437a2cb6bd89f1b43d4aa97ccb241ba834a069bfeafdc3877915f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=1200
cf-cache-status: DYNAMIC
cf-ray: 7ffdd1757ede1d94-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Sep 2023 13:21:45 GMT
link: <https://fes.zyazu.xyz/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udJgi80fXGieOCnd92IOzAzLR49jK5SNa0bhVrKJ4sEeiNdPEUNPKUBiIy9d1zB3yla00fWkiz6nGoVqmiS1QgJq8x7c4piHsUS1ALOoWDlwqorczSEksFoG4MNnRLt%2F5FIM8bgk023dfD8iXkw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K9S89HRFG3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68e2e24669f42a128af00d0442e556e19dbd4ef5163320ec003248cea50d0262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122681550-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

963da81bc186fc8608034e3f12acd689905172b241e697534a8097bb32e44a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66674
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122681550-16&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93c6700a81ba8ea5f99cabecf95eeb69158f49b62561a50a8a0301aa4b982663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66659
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122681550-42&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a3f0ecfaadd812a7ac72d1655c2788c9d77354245fa0616c1bb433bc466c105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66684
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LHHF4LBPN5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f90d9edfa6fa00ab4f0b70006097e3e4c29fb8a27a288f28bccc9ffe5be7760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5XYY94FWR5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-42&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36a4c8f80337fa6562a0b05a749bd60d951a0346b8d771355b1368b8f465cd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79059
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 38ms
10ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-42&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Sep 2023 11:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5522
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Sep 2023 13:49:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W8XQKZC4SV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a35993d2a13fff01891b29dfec8adf21cdb09c8e4eebade7e3e3c1bb79b829c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79046
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RBFPM4HW11&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122681550-16&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc2446ba932dd6362370b2fa7f0dfcff7517562fe9d99eb48d0d2fc38ff6c393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Sep 2023 13:21:45 GMT

GET
H2 200 ChGLOWruHedobnum0rBvPw6VF9U.js Show response
www.haha888.xyz/cdn-cgi/apps/head/ Frame C52B 6 KB
2 KB 22ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haha888.xyz/cdn-cgi/apps/head/ChGLOWruHedobnum0rBvPw6VF9U.js
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af890246a951ced9e14e0ab06ba3ef44bf2dc78d56f417b2fe4e8bb71fbd1fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
x-amz-version-id: r0wmL7hRVLfMzKwRAQhTK7ywwESVn6dA
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9PG46ZGQG903P603
age: 9844950
x-amz-id-2: bcqdoOJz/O3DcD71zfYtw0EmX+XigUH6ohmq1JAFxJPVU8dZbMIBXVDkXwDpTaBk03Mgxas7JwA=
last-modified: Fri, 06 Aug 2021 04:24:03 GMT
server: cloudflare
etag: W/"d0e8973508d4dacfbcea58d32133f18b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW5ujNZjyTZLndqXA8B2ctx3bMHI3bpLtYBV3F02O13wo2DWLmP53TlG%2BXYpUN%2FRb21qI4JXv%2FrcQHC9yXwgKHrt4cwfC8YE%2BEtf1QkhwQQc0UvL2XCDrD9Bhw6SjiXumxTB2cFRvb7w%2F%2F51%2B78%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7ffdd1762fc11d94-FRA

GET
H2 200 autoptimize_bf392533809ef5ea2f122229456517e2.css
www.haha888.xyz/dedecms/cache/autoptimize/css/ Frame C52B 443 KB
61 KB 50ms
48ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haha888.xyz/dedecms/cache/autoptimize/css/autoptimize_bf392533809ef5ea2f122229456517e2.css
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 968ddf3d25e9175ae2b5655512b67fb60ccdb7efae52e2015450dcb1590f2c03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jul 2023 07:16:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c0c85f-6ee8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS9mn9wNRDf0nznfpR9%2BTfngQJ8O7%2FgqiEKsUO35sbkx%2BSjAkqXOqO1FkYUaNTK6WaMTiDj68%2B3pShPsZUIvf%2Fa%2FclT7KUXAUWl%2B8O7rn2C676%2BSSekM4ssmKTxPK99eF2Xq3BjEOxR8DXau2uw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ffdd1762fbf1d94-FRA

GET
H2 200 autoptimize_single_7f9867eb2209f29394f8df4f990565d3.js Show response
www.haha888.xyz/dedecms/cache/autoptimize/js/ Frame C52B 505 B
597 B 42ms
41ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_single_7f9867eb2209f29394f8df4f990565d3.js
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89bf8178badeeb159dd309c838c8f05fd1a8ec919f1fc2aa812d47ae4e29568d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 04 Feb 2023 14:30:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63de6c20-1f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKmR5Zf1qMhQEALBfzUYAqdY2DeWLtp39f6xlf1mhDt1Xww0Cm4DIbPMEhtLojv6uYOF7KJrdpm9Aezt3zGZqldhIgw0Ep6%2FsNHr8oqA5Be1kHEHCd8P%2Bv8M8hweQzzOuIDxMCKghOqwo3drWXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ffdd1762fc21d94-FRA

GET
H2 200 autoptimize_cec152df2cc154c3e24d13f2898be5d7.js Show response
www.haha888.xyz/dedecms/cache/autoptimize/js/ Frame C52B 202 KB
64 KB 42ms
42ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2b88c8deda24769e8146f2f474289d372280b4cdd92e6dff2259a439fddcd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jul 2023 07:18:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c0c8b7-329f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8J0dKQXZFNwRmRYK4brLZ7HRMyCQr21Qv49dShAwkzn%2FsMeSL%2FeTvBmFu6gm0au0Av1x4k76WpVmon3Ndts4AddTbfUovdeRnQjphHlTFyJJvRv%2FsEMWOtqDEkzL9GkCuabqj7D0QDVQIujdgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ffdd176c8e61d94-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 43ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K9S89HRFG3&gtm=45je38u0&_p=2133656293&cid=1071242264.1693574506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693574505&sct=1&seg=0&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&dt=m.ojdrw.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9S89HRFG3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LHHF4LBPN5&gtm=45je38u0&_p=2133656293&cid=1071242264.1693574506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693574505&sct=1&seg=0&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&dt=m.ojdrw.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHHF4LBPN5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5XYY94FWR5&gtm=45je38u0&_p=2133656293&cid=1071242264.1693574506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693574506&sct=1&seg=0&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&dt=m.ojdrw.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5XYY94FWR5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2133656293&t=pageview&_s=1&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&ul=en-us&de=UTF-8&dt=m.ojdrw.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1720309520&gjid=1487465079&cid=1071242264.1693574506&tid=UA-122681550-42&_gid=22632981.1693574506&_r=1&gtm=457e38u0&jsscut=1&z=2062115274

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2133656293&t=pageview&_s=1&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&ul=en-us&de=UTF-8&dt=m.ojdrw.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1039926336&gjid=1418685001&cid=1071242264.1693574506&tid=UA-122681550-1&_gid=22632981.1693574506&_r=1&gtm=457e38u0&jsscut=1&z=1479560548

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 16ms
16ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2133656293&t=pageview&_s=1&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&ul=en-us&de=UTF-8&dt=m.ojdrw.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=250591004&gjid=1379778496&cid=1071242264.1693574506&tid=UA-122681550-16&_gid=22632981.1693574506&_r=1&gtm=457e38u0&jsscut=1&z=264865015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RBFPM4HW11&gtm=45je38u0&_p=2133656293&cid=1071242264.1693574506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693574506&sct=1&seg=0&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&dt=m.ojdrw.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RBFPM4HW11&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W8XQKZC4SV&gtm=45je38u0&_p=2133656293&cid=1071242264.1693574506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693574506&sct=1&seg=0&dl=https%3A%2F%2Fm.ojdrw.com%2Flist_xpt4sa5dqys.html&dt=m.ojdrw.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W8XQKZC4SV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 13:21:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.ojdrw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C52B 180 KB
65 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174266101-5

Requested by

Host: www.haha888.xyz
URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_single_7f9867eb2209f29394f8df4f990565d3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

824fc66cc17e126cb1f447bef46e0c0721d8dabb51a69a46e56af1a921dc4835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66745
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 13:21:46 GMT

GET
H2 200 fontawesome-webfont.woff2
www.haha888.xyz/dedecms/themes/famoustube/fonts/ Frame C52B 75 KB
76 KB 38ms
37ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haha888.xyz/dedecms/themes/famoustube/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/dedecms/cache/autoptimize/css/autoptimize_bf392533809ef5ea2f122229456517e2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.haha888.xyz/dedecms/cache/autoptimize/css/autoptimize_bf392533809ef5ea2f122229456517e2.css
Origin: https://www.haha888.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Aug 2020 04:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e2ff2-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scqtAS3Xm%2FgrnN4%2Fw3IcNWoccIKxwoux4ZZYo9JxKopO%2BKSyAjlQ0JtbsgKjfmyqBeOvm1VHsGXPVnTs1mn0c9s24NUUHjFEQKZa%2Bk32K7Pbce6hMhnxvYc8FwSxCtt1tuxn3Hpl1c91HGi2mo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ffdd177ba911d94-FRA
content-length: 77160

GET
H2 200 ddd0897e43b6c3629d3e781808db5891.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 133 KB
133 KB 59ms
27ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ddd0897e43b6c3629d3e781808db5891.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304a9ed9419f465a4653b55681ada15e50d9ff8e6317f3aad7512f0baeb0bd00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1839938
cf-polished: degrade=85, origSize=195053, status=webp_bigger
content-length: 135777
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:20 GMT
server: cloudflare
etag: "64d591c0-2f9ed"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879fc1c11-FRA
expires: Sun, 10 Sep 2023 06:12:48 GMT

GET
H2 200 2288dcb2aa00c4adec86f4cde75229fd.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 134 KB
134 KB 59ms
27ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/2288dcb2aa00c4adec86f4cde75229fd.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bcf87d742fbb25ae6b75baa77a889e29cd4d56154181cd51bc241bdd803c94b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1853977
cf-polished: degrade=85, origSize=197400, status=webp_bigger
content-length: 137170
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:21 GMT
server: cloudflare
etag: "64d591c1-30318"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd1787a021c11-FRA
expires: Sun, 10 Sep 2023 02:18:49 GMT

GET
H2 200 2d15c9b802eacf0062de246a451603ea.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 130 KB
131 KB 49ms
17ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/2d15c9b802eacf0062de246a451603ea.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4361ecaf247d04109c343d0c33af3458e277808f170314a840e213267d9a99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1844121
cf-polished: degrade=85, origSize=192079, status=webp_bigger
content-length: 133369
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:22 GMT
server: cloudflare
etag: "64d591c2-2ee4f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879f61c11-FRA
expires: Sun, 10 Sep 2023 05:03:05 GMT

GET
H2 200 91236257fdf66c017a63200372be5d4a.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 121 KB
121 KB 60ms
28ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/91236257fdf66c017a63200372be5d4a.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c26b4fcc1bbd4e57586ebfedecf3ca5f81bf476ba2e9da3b69ba3666d0220b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1836711
cf-polished: degrade=85, origSize=178313, status=webp_bigger
content-length: 123590
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:22 GMT
server: cloudflare
etag: "64d591c2-2b889"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd1787a031c11-FRA
expires: Sun, 10 Sep 2023 07:06:35 GMT

GET
H2 200 9a9eba0b337b89d6a9bb5232d4e619cd.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 129 KB
129 KB 57ms
26ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/9a9eba0b337b89d6a9bb5232d4e619cd.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 318f3741403fe564cd0a134e609aff737448d1ed9d4168dbc9f69ae1b98ba26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1850433
cf-polished: degrade=85, origSize=191082, status=webp_bigger
content-length: 131836
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:23 GMT
server: cloudflare
etag: "64d591c3-2ea6a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879f81c11-FRA
expires: Sun, 10 Sep 2023 03:17:53 GMT

GET
H2 200 6eb83bd0679b16b3108e8ecac6f75671.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 107 KB
108 KB 59ms
28ms Image
image/webp 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/6eb83bd0679b16b3108e8ecac6f75671.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8412e756322c7d6ce2a56d946bcc1988a8e2d5f1b3c8dbb0e028d6446e5bea78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1841569
cf-polished: qual=85, origFmt=jpeg, origSize=162271
content-disposition: inline; filename="6eb83bd0679b16b3108e8ecac6f75671.webp"
content-length: 109898
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:24 GMT
server: cloudflare
etag: "64d591c4-279df"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879fd1c11-FRA
expires: Sun, 10 Sep 2023 05:45:37 GMT

GET
H2 200 54e07a74ab4d41ae6065cf88f82b88ad.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 103 KB
104 KB 51ms
26ms Image
image/webp 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/54e07a74ab4d41ae6065cf88f82b88ad.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5cabf71a670c6ae8f4f29bf28f764b759c87f43a961ea81501e98d2d4ecf6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1832152
cf-polished: qual=85, origFmt=jpeg, origSize=170935
content-disposition: inline; filename="54e07a74ab4d41ae6065cf88f82b88ad.webp"
content-length: 105740
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:24 GMT
server: cloudflare
etag: "64d591c4-29bb7"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879f41c11-FRA
expires: Sun, 10 Sep 2023 08:22:34 GMT

GET
H2 200 0dccee65de8ea386642e687848e76887.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230809-1/ Frame C52B 126 KB
127 KB 52ms
28ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230809-1/0dccee65de8ea386642e687848e76887.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79833fe04c679bbd4060472d13ae5c3707021fd3bb513ab53b42d619d13c4e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 2030481
cf-polished: degrade=85, origSize=187889, status=webp_bigger
content-length: 129356
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Aug 2023 01:10:33 GMT
server: cloudflare
etag: "64d2e789-2ddf1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879f21c11-FRA
expires: Fri, 08 Sep 2023 01:17:11 GMT

GET
H2 200 5c7d69ec2bffdc8b08548b9fbabf1b8a.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230809-1/ Frame C52B 143 KB
143 KB 50ms
26ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230809-1/5c7d69ec2bffdc8b08548b9fbabf1b8a.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a9e9a9e40f94ea95e4938c12f32bf9eb82fed81bbf05b0db31d51dbb8cacc46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 2026927
cf-polished: degrade=85, origSize=212678, status=webp_bigger
content-length: 146273
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Aug 2023 01:10:34 GMT
server: cloudflare
etag: "64d2e78a-33ec6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879f31c11-FRA
expires: Fri, 08 Sep 2023 02:16:25 GMT

GET
H2 200 5bf8232751c987d09f0ab5cf9f450d48.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230809-1/ Frame C52B 128 KB
128 KB 52ms
28ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230809-1/5bf8232751c987d09f0ab5cf9f450d48.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456e262c4497158dcd56baff13a092f6ba6fdccfd4e9fd4a51d7646ced009d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 2026922
cf-polished: degrade=85, origSize=190463, status=webp_bigger
content-length: 131226
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Aug 2023 01:10:34 GMT
server: cloudflare
etag: "64d2e78a-2e7ff"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd1787a041c11-FRA
expires: Fri, 08 Sep 2023 02:16:30 GMT

GET
H2 200 3331b684374f2409b916e65874c9a4a8.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230809-1/ Frame C52B 129 KB
129 KB 53ms
28ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230809-1/3331b684374f2409b916e65874c9a4a8.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cedc4e8eab0f1386d91ed934d90cd2b7f428d77c0f8695f9bde738a2e6274d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 2021019
cf-polished: degrade=85, origSize=190687, status=webp_bigger
content-length: 131830
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Aug 2023 01:10:35 GMT
server: cloudflare
etag: "64d2e78b-2e8df"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879ef1c11-FRA
expires: Fri, 08 Sep 2023 03:54:52 GMT

GET
H2 200 7f3bbc47aa3b0535bb7e3df98b40a5c7.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 132 KB
132 KB 53ms
28ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/7f3bbc47aa3b0535bb7e3df98b40a5c7.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 908933ba6e549cf4eddc2671da7f9f503b6260aef93df886ecedd7ea2f29bf29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1842097
cf-polished: degrade=85, origSize=194070, status=webp_bigger
content-length: 135252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:18 GMT
server: cloudflare
etag: "64d591be-2f616"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879ff1c11-FRA
expires: Sun, 10 Sep 2023 05:36:49 GMT

GET
H2 200 821a33fc9de742026786b1fb46cb16a6.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 133 KB
133 KB 51ms
27ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/821a33fc9de742026786b1fb46cb16a6.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6eaf6ff20a7b3d6729ae7715082d306688671003842026f2315c5f802920e86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1832535
cf-polished: degrade=85, origSize=195638, status=webp_bigger
content-length: 136345
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:19 GMT
server: cloudflare
etag: "64d591bf-2fc36"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879f01c11-FRA
expires: Sun, 10 Sep 2023 08:16:10 GMT

GET
H2 200 637f2765e0dd0815d721b225637a2abd.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 136 KB
137 KB 52ms
27ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/637f2765e0dd0815d721b225637a2abd.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c46a967442b0ff30ee8acfea0e74b1c33016f9a3df82f3ee336c36676c0369b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1844122
cf-polished: degrade=85, origSize=200676, status=webp_bigger
content-length: 139604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:19 GMT
server: cloudflare
etag: "64d591bf-30fe4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879fe1c11-FRA
expires: Sun, 10 Sep 2023 05:03:05 GMT

GET
H2 200 50440cd484efc737d98d082c8a5f90e8.jpg
ljcdn.pic-726-baidu.com/upload/vod/20230811-1/ Frame C52B 139 KB
139 KB 51ms
26ms Image
image/jpeg 2606:4700:10::6816:1c9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.pic-726-baidu.com/upload/vod/20230811-1/50440cd484efc737d98d082c8a5f90e8.jpg
Requested by: Host: www.haha888.xyz
URL: https://www.haha888.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1c9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c879d473df7cc04b4d689001314b1c47fd48636cd237506b6a6dedc9bd4a5c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
cf-cache-status: HIT
age: 1844746
cf-polished: degrade=85, origSize=204204, status=webp_bigger
content-length: 141936
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Aug 2023 01:41:20 GMT
server: cloudflare
etag: "64d591c0-31dac"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: : true
accept-ranges: bytes
cf-ray: 7ffdd17879f71c11-FRA
expires: Sun, 10 Sep 2023 04:52:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C52B 218 KB
77 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WVT6P97QXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174266101-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff4a548bf2e679427a530ce5ecbf398a0b3cea6cc67f968b93892229eb650a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:21:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Sep 2023 13:21:46 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C52B 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174266101-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haha888.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Sep 2023 11:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5523
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Sep 2023 13:49:43 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.m.ojdrw.com/	1970-01-20 14:26:18	Name: _no_tracky_101417154 Value: 1
.ojdrw.com/	1970-01-21 00:02:14	Name: _ga_K9S89HRFG3 Value: GS1.1.1693574505.1.0.1693574505.0.0.0
.ojdrw.com/	1970-01-21 00:02:14	Name: _ga_LHHF4LBPN5 Value: GS1.1.1693574505.1.0.1693574505.0.0.0
.ojdrw.com/	1970-01-21 00:02:14	Name: _ga_5XYY94FWR5 Value: GS1.1.1693574506.1.0.1693574506.0.0.0
.ojdrw.com/	1970-01-20 14:27:40	Name: _gid Value: GA1.2.22632981.1693574506
.ojdrw.com/	1970-01-20 14:26:14	Name: _gat_gtag_UA_122681550_42 Value: 1
.ojdrw.com/	1970-01-20 14:26:14	Name: _gat_gtag_UA_122681550_1 Value: 1
.ojdrw.com/	1970-01-20 14:26:14	Name: _gat_gtag_UA_122681550_16 Value: 1
.ojdrw.com/	1970-01-21 00:02:14	Name: _ga_RBFPM4HW11 Value: GS1.1.1693574506.1.0.1693574506.0.0.0
.ojdrw.com/	1970-01-21 00:02:14	Name: _ga Value: GA1.1.1071242264.1693574506
.ojdrw.com/	1970-01-21 00:02:14	Name: _ga_W8XQKZC4SV Value: GS1.1.1693574506.1.0.1693574506.0.0.0

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.matomo.cloud/ghuruii.matomo.cloud/matomo.js Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.haha888.xyz/dedecms/cache/autoptimize/js/autoptimize_cec152df2cc154c3e24d13f2898be5d7.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.matomo.cloud
in.getclicky.com
ljcdn.pic-726-baidu.com
m.ojdrw.com
region1.google-analytics.com
static.getclicky.com
www.google-analytics.com
www.googletagmanager.com
www.haha888.xyz
2001:4860:4802:34::36
2600:9000:223f:3c00:c:7d55:b3c0:93a1
2606:4700:10::6816:1c9d
2606:4700:3032::6815:2d2e
2606:4700::6811:616c
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2008
2a06:98c1:3121::3
1a35993d2a13fff01891b29dfec8adf21cdb09c8e4eebade7e3e3c1bb79b829c
1cedc4e8eab0f1386d91ed934d90cd2b7f428d77c0f8695f9bde738a2e6274d9
24479cb4446a3d0cffeb17b33ae39ec2dcc7578824c17f28148449d986ee649a
2a9e9a9e40f94ea95e4938c12f32bf9eb82fed81bbf05b0db31d51dbb8cacc46
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c46a967442b0ff30ee8acfea0e74b1c33016f9a3df82f3ee336c36676c0369b
304a9ed9419f465a4653b55681ada15e50d9ff8e6317f3aad7512f0baeb0bd00
318f3741403fe564cd0a134e609aff737448d1ed9d4168dbc9f69ae1b98ba26e
35a1f7b7e40cce7e8ea9ab8caf17da5a31e577e85e2c403ace5bf6899ed4191b
36a4c8f80337fa6562a0b05a749bd60d951a0346b8d771355b1368b8f465cd85
456e262c4497158dcd56baff13a092f6ba6fdccfd4e9fd4a51d7646ced009d7b
4f90d9edfa6fa00ab4f0b70006097e3e4c29fb8a27a288f28bccc9ffe5be7760
5a3f0ecfaadd812a7ac72d1655c2788c9d77354245fa0616c1bb433bc466c105
5c26b4fcc1bbd4e57586ebfedecf3ca5f81bf476ba2e9da3b69ba3666d0220b4
5c879d473df7cc04b4d689001314b1c47fd48636cd237506b6a6dedc9bd4a5c3
604c89f82e35a5ea7d9b78f9d0763335dcd85f8f72c77b1d455cf151555ec23d
68e2e24669f42a128af00d0442e556e19dbd4ef5163320ec003248cea50d0262
6a5cabf71a670c6ae8f4f29bf28f764b759c87f43a961ea81501e98d2d4ecf6d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
716e2939c73a8654092168134806f535b0c1c7d53aa689c65519e7e032ab6eeb
79833fe04c679bbd4060472d13ae5c3707021fd3bb513ab53b42d619d13c4e3b
7bcf87d742fbb25ae6b75baa77a889e29cd4d56154181cd51bc241bdd803c94b
7c617eeaa06f3e9fcdbcdbe6942c6a6c99e17ea867cbd8dc2ac10d5310f66a0d
824fc66cc17e126cb1f447bef46e0c0721d8dabb51a69a46e56af1a921dc4835
8412e756322c7d6ce2a56d946bcc1988a8e2d5f1b3c8dbb0e028d6446e5bea78
89bf8178badeeb159dd309c838c8f05fd1a8ec919f1fc2aa812d47ae4e29568d
908933ba6e549cf4eddc2671da7f9f503b6260aef93df886ecedd7ea2f29bf29
93c6700a81ba8ea5f99cabecf95eeb69158f49b62561a50a8a0301aa4b982663
963da81bc186fc8608034e3f12acd689905172b241e697534a8097bb32e44a18
968ddf3d25e9175ae2b5655512b67fb60ccdb7efae52e2015450dcb1590f2c03
9d4361ecaf247d04109c343d0c33af3458e277808f170314a840e213267d9a99
a6eaf6ff20a7b3d6729ae7715082d306688671003842026f2315c5f802920e86
af890246a951ced9e14e0ab06ba3ef44bf2dc78d56f417b2fe4e8bb71fbd1fd0
cf2b88c8deda24769e8146f2f474289d372280b4cdd92e6dff2259a439fddcd8
d3847d6f53d97dd5ab54a4e0fef81f1c82bcd95df0621b6abe81a1942a7fa555
dafcf31a3b5437a2cb6bd89f1b43d4aa97ccb241ba834a069bfeafdc3877915f
dc2446ba932dd6362370b2fa7f0dfcff7517562fe9d99eb48d0d2fc38ff6c393
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff4a548bf2e679427a530ce5ecbf398a0b3cea6cc67f968b93892229eb650a90

m.ojdrw.com Open in urlscan Pro 2606:4700:3032::6815:2d2e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

100 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

3045 kBTransfer

5202 kBSize

11 Cookies

1 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.ojdrw.com Open in urlscan Pro
2606:4700:3032::6815:2d2e Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

3045 kB
Transfer

5202 kB
Size

11
Cookies

48 HTTP transactions
0 data transactions