maxwell.faotas.info Open in urlscan Pro
2606:4700:3030::ac43:b1d0  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ami-presco-435-manual-arts.html Show response maxwell.faotas.info/	15 KB 6 KB	368ms 295ms	Document text/html	2606:4700:3030::ac43:b1d0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxwell.faotas.info/ami-presco-435-manual-arts.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b1d0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e554fd561ef4cf53da23e6b44d7a417ee464b8f2fd87ca7b60a621e10ad825f3 Request headers :method GET :authority maxwell.faotas.info :scheme https :path /ami-presco-435-manual-arts.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-type text/html last-modified Sat, 07 Mar 2020 15:18:10 GMT vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDa5pq8FW3wBjeY%2BOz5KH74Xd2uFaPvf2m8G1AtyW%2BWqcTWYQbEG3%2B%2BAfQDSrhwU8O%2FCup103JqYmXxyMQuLZcmSUWupgfIWLjRAQgGu3Q0ywGvRBRBs7bYLw%2FNYdgyMrsnYQ8%2BlPC%2F%2Fu0KL9aloxXxi"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a0014a49dee05b7-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	styles.css maxwell.faotas.info/	19 KB 5 KB	18ms 18ms	Stylesheet text/css	2606:4700:3030::ac43:b1d0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxwell.faotas.info/styles.css Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/ami-presco-435-manual-arts.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b1d0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db02f208aa5848e1a588cd76bfb180c92314bfbfb2ca5878ab003f6264de3a10 Request headers :path /styles.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority maxwell.faotas.info referer https://maxwell.faotas.info/ami-presco-435-manual-arts.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://maxwell.faotas.info/ami-presco-435-manual-arts.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3038667 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 17 Mar 2020 14:09:14 GMT server cloudflare etag W/"5e70da0a-4d42" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUrQ3WmA7EPqZl1UUf88RBKokD%2FICBARD6HYmoc99S1eVHys1eS1YnzifOQmjL4pvv0yjpV1xdgDYWfCfwgtFygnbgeTuKlMnFOYibcS1t7a4eksy9Hw%2BLM3pqwwgxht2bNM75aGdjXAR84k2T0eSMhg"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 6a0014a688c805b7-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET		XYjOlg-9s0001t-m3200c-bac_ba_safc_e-manual-by-download-mau.jpg cdn.iofferphoto.com/t/1zwpS502lv0aMXJ5_ZlbJqEqkXo=/adaptive-fit-in/232x232/filters:fill(transparent)/img/item/569/382/318/	0 0
GET H2	200	/ maxwell.faotas.info/	0 5 KB	160ms 160ms	Other text/html	2606:4700:3030::ac43:b1d0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxwell.faotas.info/ Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/ami-presco-435-manual-arts.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b1d0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path / pragma no-cache purpose prefetch accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept application/signed-exchange;v=b3;q=0.9,*/*;q=0.8 cache-control no-cache sec-fetch-dest empty :authority maxwell.faotas.info referer https://maxwell.faotas.info/ami-presco-435-manual-arts.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://maxwell.faotas.info/ami-presco-435-manual-arts.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9koKN0g%2F1ODaVMVkwO%2BKCwCEwgR3HhReqpoYfMEHyEXfT%2BoBnBLQF0WP2c7W7mAQ9G%2BqRMBTA%2Bji1y6vFOzOHgQaMdJD00lje5fq7EY%2FKltr4dkEVO6ms0Qx%2FX2x%2BkOpnYTS6ozeZ%2B18Hcsk0t4wcWIA"}],"group":"cf-nel","max_age":604800} content-type text/html last-modified Sat, 07 Mar 2020 15:19:00 GMT cf-ray 6a0014a688c905b7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	404	fontawesome-webfont.woff2@v=4.6.3 maxwell.faotas.info/	0 0	294ms 294ms	Font text/html	2606:4700:3030::ac43:b1d0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxwell.faotas.info/fontawesome-webfont.woff2@v=4.6.3 Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b1d0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /fontawesome-webfont.woff2@v=4.6.3 pragma no-cache origin https://maxwell.faotas.info accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority maxwell.faotas.info referer https://maxwell.faotas.info/styles.css :scheme https sec-fetch-site same-origin :method GET Referer https://maxwell.faotas.info/styles.css Origin https://maxwell.faotas.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gnl6%2Bolap9iSctDs2jr3%2BHGPb54w8GEK7B9uktbZl7T81gldlvvxXH3OPkJJwWt4DMunufIQJDU6AkVFPV71L25mL6aMPrVMaCD7UIslUf69KYotYP%2FLXLk15SceYEV0AKbGKpYttVazwbXn33XIQclr"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 6a0014a6a91905b7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response euletep.top/	1 KB 1 KB	156ms 30ms	XHR text/javascript	2606:4700:3033::6815:15bb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://euletep.top/?oBJGxNn=C0MSWEYbDgJYHE4VUgJVCQZZAwVKUlQLSUgXUhcHWBlQClEfWwILEwAJHwNGRxBPUwRXTlYfC1MHVkkbV0oFAlYJSAYaUUkDD0hhMRgfTxcHTBIRQwBYR1FZJBxJT0NXHE0XEQUCQFUANg== Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/ami-presco-435-manual-arts.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:15bb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ef1c4471cc3e44eee09ee6e04cf925b89fab68958cc2c154023d3133d7e21e6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://maxwell.faotas.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript;charset=UTF-8 access-control-allow-origin https://maxwell.faotas.info report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhwWxxSJILQjR7zCcvml%2FIO3AVQFA0gwmmsUcclV%2BorQesbq9YMi01NAd%2F99GwS8FO6CmUIyHwoajLbLedl7%2BLKEZ0vI8H2Cm%2BSEAAHkZr2lSBVJtzZob4BVAY4RUs0Ktx%2FD%2BV%2BiV%2BkYWQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6a0014a78ec568ec-FRA access-control-allow-headers X-Requested-With alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response euletep.top/	3 KB 3 KB	135ms 117ms	XHR text/javascript	2606:4700:3033::6815:15bb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://euletep.top/?ZjuKDmzrVw_thAXy=WBhCWUVODlIISR9EUwcCDwFcB1NOVg0NDUhSVgoOWwJZDB9TVFUAVF5fDhhTRF0AC1VJWQNHEQcRTwgJV04GT1gQUwwZGlEYAwBXAxkDGFdJVAwZN2RNBAIQS1QDGgFVD0xDUFBUCU8fUwpeGRpAAB1FERFRVkRRAjA=&ref= Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/ami-presco-435-manual-arts.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:15bb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e2c2450b5f9637bac865777034058c4973f1ab2f7744d3ec416a8cd5f9371fd Request headers Accept-Language de-DE,de;q=0.9 Referer https://maxwell.faotas.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript;charset=UTF-8 access-control-allow-origin https://maxwell.faotas.info report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ9V%2BNzNz5fSPA%2FajoyS75TopKcH%2F2XhYXv4av%2BcgfqK48YcRlpT%2BTBNZZNgvW0U3q65b4kQ0bTyYk6tmqBuvIBFQeVsGsLGUcQDU2qe11c1yoYnGz6690F20MhKDa0qSTXgjZEYWzBc%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6a0014a7db937033-FRA access-control-allow-headers X-Requested-With alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	404	fontawesome-webfont.woff@v=4.6.3 maxwell.faotas.info/	0 0	155ms 154ms	Font text/html	2606:4700:3030::ac43:b1d0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxwell.faotas.info/fontawesome-webfont.woff@v=4.6.3 Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b1d0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /fontawesome-webfont.woff@v=4.6.3 pragma no-cache origin https://maxwell.faotas.info accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority maxwell.faotas.info referer https://maxwell.faotas.info/styles.css :scheme https sec-fetch-site same-origin :method GET Referer https://maxwell.faotas.info/styles.css Origin https://maxwell.faotas.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEpZV0wf0%2F4HxpS1Em5RhV4ytkwkBpNjqbj910mk198glTd6RQoJYHu4z3nzZIEWiuLKHh5T9XVyb18bme3j%2BbaEdQSGHZsdQh%2BgwGLF5jytGkEyRyqIT3vIywG9mDRGKpto%2FeUxeFsvxqnDH%2BG2xbKp"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 6a0014a88be105b7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response heidaliy.us/	20 KB 6 KB	122ms 82ms	XHR text/html	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heidaliy.us/?p=101&q=alon+kollmann+facebook+friend+mapper&land_id=500&tid=2&t=cudorew.info&s=euletep.top&banners=1&device=Windows&country=DE&lpkey=1606345e5498274b29&banners=1&lang=de-DE&uclick=d5q5a4kt&uclickhash=d5q5a4kt-d5q5a4kt-h90-0-j6qq-gmus0-gmusvr-195a11&offer_url=https%3A%2F%2Fdownlosaly.info%2F%3Fcid%3Dd0b22d5q5a4ktf64%26u%3D6vl82k7%26t%3D101%26o%3Duwdw1nh Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/ami-presco-435-manual-arts.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d994b7eaddc25e7c79eaad66768646fe3c236894ddb89b15ac1c3b5bf36d0c7a Request headers Accept-Language de-DE,de;q=0.9 Referer https://maxwell.faotas.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 referrer-policy no-referrer server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycGavkGWmBYDanlRNc%2BtrT3zn%2BQzV5lIH5h3EtH4PXBnql%2FRf30vG8Fl9x0d1lYkS0M%2BpfWkDNaleGPOGiQpeOgichLS4oX4WQ8%2BvLwjoXpSnZWdyGAQE33yqa11NRN%2BxTwzDeHSlk5zBg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin https://maxwell.faotas.info access-control-allow-credentials true cf-ray 6a0014a8da555c02-FRA access-control-allow-headers X-Requested-With
GET		XYjOlg-9s0001t-m3200c-bac_ba_safc_e-manual-by-download-mau.jpg cdn.iofferphoto.com/t/1zwpS502lv0aMXJ5_ZlbJqEqkXo=/adaptive-fit-in/232x232/filters:fill(transparent)/img/item/569/382/318/	0 0
GET H2	404	fontawesome-webfont.ttf@v=4.6.3 maxwell.faotas.info/	0 0	172ms 172ms	Font text/html	2606:4700:3030::ac43:b1d0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxwell.faotas.info/fontawesome-webfont.ttf@v=4.6.3 Requested by Host: maxwell.faotas.info URL: https://maxwell.faotas.info/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b1d0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /fontawesome-webfont.ttf@v=4.6.3 pragma no-cache origin https://maxwell.faotas.info accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority maxwell.faotas.info referer https://maxwell.faotas.info/styles.css :scheme https sec-fetch-site same-origin :method GET Referer https://maxwell.faotas.info/styles.css Origin https://maxwell.faotas.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N7ZkfTgczhitRRJFzxq3iKBqHeC11EKTyEwnjeOe19OknWyqJ2n69XLN39XLLGYcsY9ecXTk%2FYods%2F%2BG6LXw1HtJC9CER6yqtgjv%2FT8kOhFkUcfTxBDFb342GaKqc1YGww07nY8CScPZJIvZd6VtHDx"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 6a0014a99e0805b7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	mfv4_119975.css heidaliy.us/landings/500/ Frame BD3B	320 KB 55 KB	69ms 67ms	Stylesheet text/css	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heidaliy.us/landings/500/mfv4_119975.css Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e221e4c8bc3380b0d4e4eb468cf8c54371252009f2e1c7f977ba906d9982c311 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180313 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag W/"6030ef69-4ff17" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HewfkTtNq2yD5e3TnUx2BO0X4vRjTwEbylV0oAvLiaYE%2BoCIB2rZYTYXE%2F%2BToMelrzwou4E4MUTwM4s9ByMTlXNxJKoXHX6IqGxjKa2PcCl4n3SHyOYUT75WC%2B3rerHe%2FIR0cffB7dISlQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 access-control-allow-credentials true cf-ray 6a0014a99bc05c02-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mfv3_119975.css heidaliy.us/landings/500/ Frame BD3B	300 KB 52 KB	33ms 32ms	Stylesheet text/css	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heidaliy.us/landings/500/mfv3_119975.css Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0443b37f37ad1d2d404999762a5499b1b6b4a464cf62eccd196719315098e63f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180313 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag W/"6030ef69-4b1a2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGvZBZ9nib8wkkVqchTBpze0vbxJ42pW%2BR5dhznT1ys4kyCP0M7l5C8Du5TkGdHoy4OIO%2F%2BWwABqmKKciRPjG3XAkz16CkY39JSo6znhcFnGY2eJYbzGRIpXHRAJtchzv2RsP%2F%2FEwWnQ1g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 access-control-allow-credentials true cf-ray 6a0014a99bc55c02-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	download.css_119975.css heidaliy.us/landings/500/ Frame BD3B	40 KB 8 KB	67ms 66ms	Stylesheet text/css	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heidaliy.us/landings/500/download.css_119975.css Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65cb6c5ea87309911d570c1a71b7d45e8755c7433962b1be62f16c3960b79555 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180313 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag W/"6030ef69-9f5a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxXuZD1M5Bi1fzEYSv3vESKuP%2BgWoqRJFGm0mZdVpyw3k4nmgWNM4qzaee6wXgxmY1oGQhV1SmYOvsD1kuVFpv9ADVfBOyFKl73eOqs5lI77cwBb1%2FANDF49Jyx2x4qi%2F8UWJKauK41sIw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 access-control-allow-credentials true cf-ray 6a0014a99bc95c02-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	fonts.css heidaliy.us/landings/500/ Frame BD3B	9 KB 1 KB	58ms 57ms	Stylesheet text/css	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heidaliy.us/landings/500/fonts.css Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff7fb9570cbb7fc297da98e568cacd66dd4cc498340b5b59232af1fa1af80662 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180313 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag W/"6030ef69-25f2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYJ8uosuhhZ6Z16HyiwzNyquh%2BoPCMur3uSiFK3IKgjm4mt1WWJdofO9XKccsw1t%2BFo2lyFYuar7gPnkSJfXNWZfKBcNDioOsKPTi9gBrhwm3kH4kCkRq%2Fmu8OPSBzgOvY9Z9CbMMFWMrA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 access-control-allow-credentials true cf-ray 6a0014a99bcb5c02-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame BD3B	85 KB 30 KB	85ms 24ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 06:16:18 GMT content-encoding gzip x-content-type-options nosniff age 4651 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="hosted-libraries-pushers" expires Tue, 18 Oct 2022 06:16:18 GMT
GET H2	200	style.css heidaliy.us/landings/500/ Frame BD3B	24 KB 6 KB	30ms 29ms	Stylesheet text/css	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heidaliy.us/landings/500/style.css Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cc66b801814a3a3eacabf8647f16acde420f644d5f20681093925e534fa54f0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180313 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag W/"6030ef69-6137" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbqJRFcS8uUiB0TbF6qVdYCH1GilB%2B7vxe74%2BQ8C5goNpxObrDvrvFC4XsZulAEEuPH1Z%2FbR%2BQUFV7Ya1bAsrgx7MJAI0NVCdCo9%2BreWom5%2BbuKt3g1lucBeD5W7qVDSRNkujUJ%2B6XaJlQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 access-control-allow-credentials true cf-ray 6a0014a99bcc5c02-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-3.2.1.min.js Show response heidaliy.us/landings/500/ Frame BD3B	85 KB 31 KB	67ms 67ms	Script application/javascript	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heidaliy.us/landings/500/jquery-3.2.1.min.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag W/"6030ef69-15283" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpBCiAa%2FNEHiPlhOoemMPb5RftyfMcIKBNQ%2BpodqffcZLiBWvtm4zEAn5mCjAwjVlOaS0cah1CrewA%2Bz1IgJYIIpTlfyO%2F3sivZeAeO2hOdDNqlK9NCPHkfI5BtxwflEuxbHnqHlYFzYVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 access-control-allow-credentials true cf-ray 6a0014a99bcf5c02-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mf_logo_full_color.svg static.mediafire.com/images/backgrounds/header/ Frame BD3B	3 KB 2 KB	113ms 40ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/mfv4_119975.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd Request headers Accept-Language de-DE,de;q=0.9 Referer https://heidaliy.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 28 Oct 2016 22:22:42 GMT server cloudflare age 5551 etag W/"5813cfb2-d1d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 6a0014aada712b71-FRA
GET H2	200	dl_promo_logo.png heidaliy.us/landings/500/ Frame BD3B	967 B 1 KB	31ms 30ms	Image image/png	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://heidaliy.us/landings/500/dl_promo_logo.png Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 867d30c31dbe68312db58a4e3a2353563eeb8fe6b8c784b200447f8858d05360 Request headers Accept-Language de-DE,de;q=0.9 Referer https://heidaliy.us/landings/500/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180313 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 967 last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag "6030ef69-3c7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTsz%2BjLXWb74VVJTS2Ef90HqBMg0XMLJUSJWdWOaOlqQNV84o%2BTBA5gnTcNyiOxzTMDhgednVPJYZIHM5vR2w7H%2BVnLr45p819fv%2FOpVZHi6dt8WRFJHwR8fzXUVXAKlyiH8t3oSm6TqAA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 access-control-allow-credentials true accept-ranges bytes cf-ray 6a0014aa5d405c02-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	file-zip-v3.png static.mediafire.com/images/filetype/ Frame BD3B	2 KB 2 KB	109ms 36ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/filetype/file-zip-v3.png Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/download.css_119975.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e Request headers Accept-Language de-DE,de;q=0.9 Referer https://heidaliy.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 401673 content-length 1872 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-750" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 6a0014aada722b71-FRA expires Fri, 12 Nov 2021 15:59:16 GMT
GET H2	200	apps_list_sprite-v3.png heidaliy.us/landings/500/ Frame BD3B	7 KB 8 KB	36ms 36ms	Image image/png	2606:4700:3031::ac43:826a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://heidaliy.us/landings/500/apps_list_sprite-v3.png Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:826a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd65e38bb5b9e67ba3bf31761aa16143aad40c4427b42d8700d98db449e7a140 Request headers Accept-Language de-DE,de;q=0.9 Referer https://heidaliy.us/landings/500/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180313 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7536 last-modified Sat, 20 Feb 2021 11:15:53 GMT server cloudflare etag "6030ef69-1d70" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncwfW55BZ%2BIsbZfxcZM9IsITpft53fnZhMm0njQOzcr6YBLBtiqGBevNePXF5ilMzysq5Mxj%2FN%2F3fTiAkehhLsCW5ZC%2B8%2FPG2PJZE8zciJgK2nJaN%2F5PdLQjHBMaIkuGRnyWU%2BgGNS3tqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 access-control-allow-credentials true accept-ranges bytes cf-ray 6a0014aa5d445c02-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ico30_reversed-v9.png static.mediafire.com/images/icons/ico30/ Frame BD3B	10 KB 10 KB	126ms 53ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/icons/ico30/ico30_reversed-v9.png Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/mfv4_119975.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b631408bea7aff541f7bd43245ad71f824c539efe5675ef0573299b61575694d Request headers Accept-Language de-DE,de;q=0.9 Referer https://heidaliy.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 401668 content-length 9897 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-26a9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 6a0014aada742b71-FRA expires Fri, 12 Nov 2021 15:59:21 GMT
GET H2	200	footerIcons.png static.mediafire.com/images/backgrounds/footer/social/ Frame BD3B	583 B 1 KB	100ms 28ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/mfv4_119975.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061 Request headers Accept-Language de-DE,de;q=0.9 Referer https://heidaliy.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:33:49 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 401673 content-length 583 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-247" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 6a0014aada752b71-FRA expires Fri, 12 Nov 2021 15:59:16 GMT
GET H2	200	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v15/ Frame BD3B	9 KB 9 KB	71ms 17ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heidaliy.us/ Origin https://maxwell.faotas.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 12:09:31 GMT x-content-type-options nosniff age 69858 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8800 x-xss-protection 0 last-modified Wed, 11 Oct 2017 21:49:39 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 17 Oct 2022 12:09:31 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v15/ Frame BD3B	9 KB 9 KB	78ms 25ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heidaliy.us/ Origin https://maxwell.faotas.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 12:11:22 GMT x-content-type-options nosniff age 69747 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8892 x-xss-protection 0 last-modified Wed, 11 Oct 2017 21:49:46 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 17 Oct 2022 12:11:22 GMT
GET H2	200	mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v15/ Frame BD3B	9 KB 9 KB	69ms 17ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 Requested by Host: heidaliy.us URL: https://heidaliy.us/landings/500/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heidaliy.us/ Origin https://maxwell.faotas.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 14:12:54 GMT x-content-type-options nosniff age 62455 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8732 x-xss-protection 0 last-modified Wed, 11 Oct 2017 21:49:38 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 17 Oct 2022 14:12:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn.iofferphoto.com

URL

https://cdn.iofferphoto.com/t/1zwpS502lv0aMXJ5_ZlbJqEqkXo=/adaptive-fit-in/232x232/filters:fill(transparent)/img/item/569/382/318/XYjOlg-9s0001t-m3200c-bac_ba_safc_e-manual-by-download-mau.jpg

Domain

cdn.iofferphoto.com

URL

https://cdn.iofferphoto.com/t/1zwpS502lv0aMXJ5_ZlbJqEqkXo=/adaptive-fit-in/232x232/filters:fill(transparent)/img/item/569/382/318/XYjOlg-9s0001t-m3200c-bac_ba_safc_e-manual-by-download-mau.jpg

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster string| q string| aXbq string| F number| a object| xhr

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mediafire.com/	1970-01-19 22:02:24	Name: __cf_bm Value: xSzEFO19fT1XyfLPyO8pnMPYQn5rcs5oAgMOpDMLvhs-1634542429-0-AR99c2dmDvNp/npbqO09upnu4Vl8ZESx2pOvWfAw2OOcumZ2MBRNEgemlXt0wqlMk6pXefWIaC/ij5SHKQCEoSs=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.iofferphoto.com/t/1zwpS502lv0aMXJ5_ZlbJqEqkXo=/adaptive-fit-in/232x232/filters:fill(transparent)/img/item/569/382/318/XYjOlg-9s0001t-m3200c-bac_ba_safc_e-manual-by-download-mau.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://maxwell.faotas.info/fontawesome-webfont.woff2@v=4.6.3 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.iofferphoto.com/t/1zwpS502lv0aMXJ5_ZlbJqEqkXo=/adaptive-fit-in/232x232/filters:fill(transparent)/img/item/569/382/318/XYjOlg-9s0001t-m3200c-bac_ba_safc_e-manual-by-download-mau.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://maxwell.faotas.info/fontawesome-webfont.woff@v=4.6.3 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://maxwell.faotas.info/fontawesome-webfont.ttf@v=4.6.3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.iofferphoto.com
euletep.top
fonts.gstatic.com
heidaliy.us
maxwell.faotas.info
static.mediafire.com
cdn.iofferphoto.com
104.16.202.237
2606:4700:3030::ac43:b1d0
2606:4700:3031::ac43:826a
2606:4700:3033::6815:15bb
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
0443b37f37ad1d2d404999762a5499b1b6b4a464cf62eccd196719315098e63f
0e2c2450b5f9637bac865777034058c4973f1ab2f7744d3ec416a8cd5f9371fd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1cc66b801814a3a3eacabf8647f16acde420f644d5f20681093925e534fa54f0
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
3ef1c4471cc3e44eee09ee6e04cf925b89fab68958cc2c154023d3133d7e21e6
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
65cb6c5ea87309911d570c1a71b7d45e8755c7433962b1be62f16c3960b79555
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
867d30c31dbe68312db58a4e3a2353563eeb8fe6b8c784b200447f8858d05360
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
b631408bea7aff541f7bd43245ad71f824c539efe5675ef0573299b61575694d
cd65e38bb5b9e67ba3bf31761aa16143aad40c4427b42d8700d98db449e7a140
d994b7eaddc25e7c79eaad66768646fe3c236894ddb89b15ac1c3b5bf36d0c7a
db02f208aa5848e1a588cd76bfb180c92314bfbfb2ca5878ab003f6264de3a10
e221e4c8bc3380b0d4e4eb468cf8c54371252009f2e1c7f977ba906d9982c311
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e554fd561ef4cf53da23e6b44d7a417ee464b8f2fd87ca7b60a621e10ad825f3
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
ff7fb9570cbb7fc297da98e568cacd66dd4cc498340b5b59232af1fa1af80662