urlscan.io logo urlscan.io
SecurityTrails logo

18qcq1.buzz Open in urlscan Pro
2606:4700:3031::ac43:bdec  Public Scan

Go To Rescan Add Verdict Report
URL: https://18qcq1.buzz/
Submission: On November 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 33 domains to perform 142 HTTP transactions. The main IP is 2606:4700:3031::ac43:bdec, located in United States and belongs to CLOUDFLARENET, US. The main domain is 18qcq1.buzz.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.
This is the only time 18qcq1.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
40 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 149.56.240.131 16276 (OVH)
6 2606:4700:21:... 13335 (CLOUDFLAR...)
1 18.67.76.48 16509 (AMAZON-02)
6 3.16.223.148 16509 (AMAZON-02)
1 172.64.153.173 13335 (CLOUDFLAR...)
4 18.160.10.41 16509 (AMAZON-02)
5 67.202.105.33 32748 (STEADFAST)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 34.239.38.30 14618 (AMAZON-AES)
1 1 141.94.171.212 16276 (OVH)
4 52.223.40.198 16509 (AMAZON-02)
16 23.12.145.135 20940 (AKAMAI-ASN1)
5 3.230.62.22 14618 (AMAZON-AES)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 44.197.9.244 14618 (AMAZON-AES)
5 6 68.67.179.87 29990 (ASN-APPNEX)
6 6 52.85.151.7 16509 (AMAZON-02)
3 3 199.38.167.130 54312 (ROCKETFUEL)
6 11 35.190.60.146 15169 (GOOGLE)
6 6 142.251.16.156 15169 (GOOGLE)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
2 2 67.202.105.22 32748 (STEADFAST)
1 1 67.202.105.24 32748 (STEADFAST)
10 16 23.219.12.236 16625 (AKAMAI-AS)
1 104.18.35.167 13335 (CLOUDFLAR...)
3 3 13.249.39.110 16509 (AMAZON-02)
3 2600:9000:24f... 16509 (AMAZON-02)
2 34.86.70.109 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 4 54.36.150.182 16276 (OVH)
1 2 34.117.77.79 396982 (GOOGLE-CL...)
1 18.220.85.235 16509 (AMAZON-02)
1 18.160.46.85 16509 (AMAZON-02)
1 23.54.217.184 16625 (AKAMAI-AS)
142 30
17    2606:4700:3031::ac43:bdec (United States)

ASN13335 (CLOUDFLARENET, US)
18qcq1.buzz
1    2606:4700:3033::6815:4264 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wjnyapp.skin
40    2606:4700:10::ac43:8ab (United States)

ASN13335 (CLOUDFLARENET, US)
feimian.slsltutu.com
2    2606:4700:3036::ac43:a2f1 (United States)

ASN13335 (CLOUDFLARENET, US)
fnsn79.top
1    2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
4    149.56.240.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534299.ip-149-56-240.net
s4.histats.com
6    2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)
e.dtscout.com
t.dtscout.com
1    18.67.76.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-48.iad89.r.cloudfront.net
get.s-onetag.com
6    3.16.223.148 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-223-148.us-east-2.compute.amazonaws.com
pd.sharethis.com
1    172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
4    18.160.10.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-41.iad12.r.cloudfront.net
onetag-geo.s-onetag.com
5    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
1    2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
2    34.239.38.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-38-30.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
16    23.12.145.135 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-12-145-135.deploy.static.akamaitechnologies.com
t.sharethis.com
5    3.230.62.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com
ps.eyeota.net
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    44.197.9.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-9-244.compute-1.amazonaws.com
map.go.affec.tv
6    68.67.179.87 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
6    52.85.151.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-7.iad89.r.cloudfront.net
live.rezync.com
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
11    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
6    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
cm.g.doubleclick.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp2.33across.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
dp1.33across.com
16    23.219.12.236 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-12-236.deploy.static.akamaitechnologies.com
tags.bluekai.com
e.dlx.addthis.com
stags.bluekai.com
x.dlx.addthis.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-tc.33across.com
3    13.249.39.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-110.iad89.r.cloudfront.net
aa.agkn.com
3    2600:9000:24f3:8200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    34.86.70.109 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.70.86.34.bc.googleusercontent.com
i.simpli.fi
1    2606:4700:4400::ac40:97ee (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
4    54.36.150.182 (France)

ASN16276 (OVH, FR)
PTR: ip182.ip-54-36-150.eu
cookie-matching.mediarithmics.com
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
1    18.220.85.235 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-85-235.us-east-2.compute.amazonaws.com
sync.sharethis.com
1    18.160.46.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-85.iad55.r.cloudfront.net
tags.crwdcntrl.net
1    23.54.217.184 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-217-184.deploy.static.akamaitechnologies.com
tags.bkrtx.com
Apex Domain
Subdomains		 Transfer
40 slsltutu.com
feimian.slsltutu.com — Cisco Umbrella Rank: 724337
7 MB
23 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 13053
t.sharethis.com — Cisco Umbrella Rank: 6925
sync.sharethis.com — Cisco Umbrella Rank: 3042
54 KB
17 18qcq1.buzz
18qcq1.buzz
286 KB
11 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1 KB
9 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2101
x.dlx.addthis.com — Cisco Umbrella Rank: 1652
6 KB
7 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
stags.bluekai.com — Cisco Umbrella Rank: 921
3 KB
6 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
d.agkn.com — Cisco Umbrella Rank: 755
4 KB
6 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
1 KB
6 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
4 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 246
5 KB
6 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 12815
ic.tynt.com — Cisco Umbrella Rank: 5525
de.tynt.com — Cisco Umbrella Rank: 1605
16 KB
6 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 16443
t.dtscout.com — Cisco Umbrella Rank: 13562
7 KB
5 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1148
2 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4376
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5421
14 KB
5 histats.com
s10.histats.com — Cisco Umbrella Rank: 14333
s4.histats.com — Cisco Umbrella Rank: 14235
7 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 4023
1 KB
4 33across.com
dp2.33across.com — Cisco Umbrella Rank: 12902
dp1.33across.com — Cisco Umbrella Rank: 8156
cdn-tc.33across.com — Cisco Umbrella Rank: 25468
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
593 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
3 KB
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
12 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1908
556 B
2 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 3693
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 8594
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
868 B
2 fnsn79.top
fnsn79.top
22 KB
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 5990
16 KB
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1911
577 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3239
417 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 14519
598 B
1 wjnyapp.skin
www.wjnyapp.skin
511 KB
0 weborama.fr Failed
wam.solution.weborama.fr — Cisco Umbrella Rank: 28765 Failed
0 xn--15q617acha879f.com Failed
appsdk.xn--15q617acha879f.com Failed
142 33
Domain Requested by
40 feimian.slsltutu.com 18qcq1.buzz
17 18qcq1.buzz 18qcq1.buzz
16 t.sharethis.com pd.sharethis.com
t.sharethis.com
18qcq1.buzz
11 idsync.rlcdn.com 6 redirects 18qcq1.buzz
6 cm.g.doubleclick.net 6 redirects
6 live.rezync.com 6 redirects
6 pd.sharethis.com e.dtscout.com
18qcq1.buzz
t.sharethis.com
5 e.dlx.addthis.com 5 redirects
5 ps.eyeota.net 18qcq1.buzz
5 t.dtscout.com e.dtscout.com
4 cookie-matching.mediarithmics.com 4 redirects
4 x.dlx.addthis.com 18qcq1.buzz
4 stags.bluekai.com 4 redirects
4 secure.adnxs.com 3 redirects 18qcq1.buzz
4 de.tynt.com cdn.tynt.com
4 match.adsrvr.org 18qcq1.buzz
4 onetag-geo.s-onetag.com get.s-onetag.com
4 s4.histats.com s10.histats.com
3 d.agkn.com 18qcq1.buzz
3 aa.agkn.com 3 redirects
3 tags.bluekai.com 1 redirects de.tynt.com
tags.bkrtx.com
3 p.rfihub.com 3 redirects
2 ml314.com 1 redirects 18qcq1.buzz
2 ib.adnxs.com 2 redirects
2 i.simpli.fi 18qcq1.buzz
2 dp2.33across.com 2 redirects
2 pixel.tapad.com 2 redirects
2 map.go.affec.tv 2 redirects
2 px.ads.linkedin.com 1 redirects 18qcq1.buzz
2 bcp.crwdcntrl.net 18qcq1.buzz
tags.crwdcntrl.net
2 fnsn79.top 18qcq1.buzz
fnsn79.top
1 tags.bkrtx.com pd.sharethis.com
1 tags.crwdcntrl.net cdn-tc.33across.com
1 sync.sharethis.com 18qcq1.buzz
1 idpix.media6degrees.com 18qcq1.buzz
1 cdn-tc.33across.com de.tynt.com
1 dp1.33across.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 t.dtscdn.com e.dtscout.com
1 ic.tynt.com 18qcq1.buzz
1 cdn.tynt.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s10.histats.com 18qcq1.buzz
1 www.wjnyapp.skin 18qcq1.buzz
0 wam.solution.weborama.fr Failed 18qcq1.buzz
0 appsdk.xn--15q617acha879f.com Failed 18qcq1.buzz
142 47
Subject Issuer Validity Valid
18qcq1.buzz
GTS CA 1P5		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.wjnyapp.skin
E1		 2023-09-29 -
2023-12-28		 3 months crt.sh
slsltutu.com
GTS CA 1P5		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.fnsn79.top
GTS CA 1P5		 2023-09-11 -
2023-12-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
histats.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
dtscout.com
GTS CA 1P5		 2023-09-22 -
2023-12-21		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-22 -
2024-06-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
dtscdn.com
GTS CA 1P5		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cert1-prod.aut.a24365.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-21 -
2024-05-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-18 -
2024-01-17		 a year crt.sh

This page contains 17 frames:

Primary Page: https://18qcq1.buzz/
Frame ID: 4B7AA9028DBE3EC1051E136886C6BDDD
Requests: 115 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Frame ID: 4639D97B8798F234B5C0124C56A07F2B
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Frame ID: 5C7F7E6FF1F1CD7B90E8A73F54375245
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Frame ID: 3886ADD45185C9BA69930EAA4AAE62EA
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Frame ID: C2242540B3D1808FC9851C5530DE908A
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Frame ID: D757F94222CD0FDDF91ABF52D4FF1EC4
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Frame ID: 400950F3A963243B35232EDC9E66D990
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Frame ID: E86391C894BC516FFB20414A4C0582FF
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212335593757218&ret=html&random=1699353663
Frame ID: 5C4346272D3EBD2185563060085D1153
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: E56734136D61862A09420A43BFB84FB1
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Frame ID: 595CEE2479503006A8965DB72B98C059
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Frame ID: C2BF944238406BFDB103E44EAC86C5C8
Requests: 7 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Frame ID: D7A6287051DE225B8D6B3B5ACB20011A
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Frame ID: 56DC3765C4D6199C3A5DDB6A76B13431
Requests: 2 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 3FEEDC94A3BF2B9AB821BB5D2C7F9ABC
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Frame ID: F6C97DAE200BE78986718BE70195F92B
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHIzjB2Q9OQJCDGnbvQimsk&google_cver=1
Frame ID: CDCDDECBE61EE7593FF0F9BFE37140E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

免费短视频分享大全 - 大中国-www.18qcq.top

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

142
Requests

85 %
HTTPS

26 %
IPv6

33
Domains

47
Subdomains

30
IPs

4
Countries

7847 kB
Transfer

8597 kB
Size

70
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01699353661C9CDCDC5F7CD95A335 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 96
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&_rand=1699353662561.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&_rand=1699353662561.2&expected_cookie=f256ea2a-2433-4b08-88d0-cad74856f201
Request Chain 97
  • https://map.go.affec.tv/map/3a/?pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&ts=1699353662561.3 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D654a143f78685e0001979941%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D654a143f78685e0001979941%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/4398132518819044083?ch=654a143f78685e0001979941&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
Request Chain 98
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_privacy=&cache_buster=1699353662561.4 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353663.773328&cb=1699353663.773363 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968907271881008915&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353663.773328 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353663.773328 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKnWGm5xoj3rD7gVTQ7YyQM&google_cver=1
Request Chain 99
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&random=1699353662561.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&random=1699353662561.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef1055ed-0087-4bb8-a2c8-43cff488ba67%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent=
Request Chain 100
  • https://dp2.33across.com/ps/?pid=1205&rand=1699353662561.6 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212336650252233
Request Chain 101
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&random=1699353662561.7&pu=https%3A%2F%2F18qcq1.buzz%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212336642437333&seg_code=33x&random=1699353663 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212336642437333%26seg_code%3D33x%26random%3D1699353663
Request Chain 105
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1699353662590.1 HTTP 302
  • https://tags.bluekai.com/site/27519?id=212335593757218&ret=html&random=1699353663
Request Chain 107
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662590.2 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662590.2&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023110710410300010809088645&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
Request Chain 108
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1699353662590.3 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1699353663936&sk=214950604693005264532
Request Chain 112
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_privacy=&cache_buster=1699353662599.2 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353663.949641&cb=1699353663.9496853 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477420440505134&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353663.949641 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353663.949641 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3119322924083082920
Request Chain 113
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662599.3 HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023110710410300013526677156&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
Request Chain 114
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1699353662599.4 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1699353663934&sk=212530604693005262141
Request Chain 117
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_privacy=&cache_buster=1699353662618.1 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353664.0634372&cb=1699353664.0634778 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477420440505142&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353664.0634372 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353664.0634372 HTTP 307
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18 HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEI7G-JY_oi7V9kOrp3NH53w&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEI7G-JY_oi7V9kOrp3NH53w&action=GET_ID&etid=&domid=1052 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3119322924083082920&opid=apx&ops=&utidl=tech:goo:CAESEI7G-JY_oi7V9kOrp3NH53w&action=GET_ID&etid=&domid=1052 HTTP 303
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A53045019378
Request Chain 118
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662618.2 HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023110710410400017298794034&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
Request Chain 119
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1699353662618.3 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1699353663971&sk=214340604693005261028
Request Chain 121
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_privacy=&cache_buster=1699353662618.5 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353664.0941865&cb=1699353664.0942218 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968907271881008915&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%253A1699353663.7694445%26_%3D1699353664.0941865 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353664.0941865 HTTP 307
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=124835&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
Request Chain 122
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662618.6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyMzExMDcxMDQxMDMwMDAxMDgwOTA4ODY0NQ%3D%3D HTTP 302
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBus7u6uXOn78HIWFxz4qWs&google_cver=1
Request Chain 129
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhFQUEyVktGRDRBQUFBSUlrZGdBdz09EAAaDQi_qKiqBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJtJESRm7czpmFTnAVuQRE8&google_cver=1
Request Chain 131
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3639766616102142000 HTTP 307
  • https://ml314.com/csync.ashx?fp=2832b07c13c254e7f8d5bde206528b3db137ebdc15f203bcc1b46a4c6b658054f4cb09cee1a4f8eb&person_id=3639766616102142000&eid=50082
Request Chain 132
  • https://tags.bluekai.com/site/59574?id=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 140
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHEAA2VKFD4AAAAIIkdgAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=9019348 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=dUk3bXYrb1E5OVlTYzZvaw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHIzjB2Q9OQJCDGnbvQimsk&google_cver=1

142 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
18qcq1.buzz/ 		77 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9caa30c9589ed1cc882ecd3964831e22607ddba966a795de1c53c0e66f45aba0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8224f610eaf15c71-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 10:40:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aitQwlicEIvjMTu7nWiJRW%2FCJp4l7%2F%2F%2FXptd%2FkI8CgTaQAjD%2F8LEoRVGjtfqTklcrsd1YmQMDbF45jS%2BecbZsAZc0Gy4Tjouqfa%2Ft3oQnrY2ldxDLrs1a74nuP56w6yuOg4Ph8hrAYkncA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
home.css
18qcq1.buzz/static/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/static/css/home.css
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14176ccce205f8d93c4e4a5ac9d5616eb7e7e98db90168b69854e4494946ed7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 24 Aug 2021 06:28:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61249182-5337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyqJrI3y7tNa5WEtdR%2FX6%2FZfBzzkCbk06ZdcbaZO17MlMciT85WK71sQX5TYMuNTpSW5GsKcV2JApSnzkgzbGKizHLy%2FTKEKlOaGOUmPySvCMuvmGuvU4BxbRb0sfa0RTPsOxD7mBkV9Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8224f6155fbc5c71-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
jquery.js
18qcq1.buzz/template/peachb-zi/js/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/js/jquery.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0108cf57a5359cdecc80699650b912a11731d0aeaec300d884a9d658ed96b295

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 08:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6284b570-1497b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dsz0zvRJVYGa2rwOHyXby7432RnFtIf0hnYfreNk6NA5zHFqVRYG%2FCHxd9LiZaMyygz2cv6UCjLAuM1JLdSe2ozGqsxw%2FI4nEWqjkvAb51m1DUKRMhRzWhEPGkJA6%2FJic10i6dhLlGHSaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8224f6155fc45c71-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
jquery.lazyload.js
18qcq1.buzz/template/peachb-zi/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/js/jquery.lazyload.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41d7c3cabe9d67ea1f1b53ae72629e9dbfae2c39042d6c1adc7a56a125190c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 08:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6284b570-11dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl6OnjxBJLCZIavGZNvieb483WHBNDFQ6habv3qA%2BluNwfFVaoRDX1IYw3wH01XDeowq5Wdo35MGX3eIbDXX5dS7kFT4XZtRu8Z9uuAslkUg2%2BgtItqf60ak1IgkeNqpVpj9R1H0cAtbRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8224f6155fc75c71-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
jquery.autocomplete.js
18qcq1.buzz/static/js/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/static/js/jquery.autocomplete.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4348f9abb00683f322c8eebea774789dc5baa6f83706f19e269149f03699e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 01 Jan 2023 15:45:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b1aa8a-6215"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HtEq%2BgRzukZZCs9shKrqjSX64uGB56e5YKc%2FrLCTdJj4n8b8nqEM5cLSKVy%2FQk5VvP2Um5BlABiM%2BD3m3nVBhjBMKs0ZDKFmKf4qSeGBV6cUKdtxEp8jN2EDp0dSnJedaxIyDAuydr79Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8224f6155fc95c71-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
home.js
18qcq1.buzz/static/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/static/js/home.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 24 Aug 2021 06:28:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61249190-95a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXH6lfP4a2twlysJS0eP0QYxJdZ7W6h95Y1JEpZpZ3ZBUhZAMBs34f1BdYIjv0WWP0eoxRNDczRk5ACacOXasBbE3XJnDghQeBWzUWdmkrZN%2BmYW6CNRlrkK4r1w%2BocJT3c4TTYvbhYo8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8224f6155fcc5c71-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
all-responsive-metal.css
18qcq1.buzz/template/peachb-zi/css/ 		154 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/css/all-responsive-metal.css
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd92e580d9592eb65f558bf8429921296ae44d40abcad3766144c14a8638bd53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jul 2023 08:37:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a67d43-267ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTciWv%2FfH7g8XpjvPjcgYyaFMX08%2FV90fFyP0Ut45pSWeLH%2FFf3yfHZFQOKNjvqlOSUpi8gFI4zeW3kVLei%2B4yXC9wZxS4Z8VJVPs5opX3ZPwURc0nphz2%2B1CG554e8TA8juKmdLvqL2Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8224f6155fc15c71-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
jquery.fancybox-metal.css
18qcq1.buzz/template/peachb-zi/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/css/jquery.fancybox-metal.css
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2d66cf9c0890fb658c33803d422bed108a5437e9a7491a265efdfb3da1caaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 08:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6284b570-14e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaaXCfdcCp00y4dWYP3VsLPhtZxO0go%2BJS%2FxH%2FwZy%2B%2BgSJBi2rpYnJvn798hgGeltIf5T48NezXxMjDxI3M6jHLIoToxXty8%2F2EFUMdqFy351tAMZVvoN3lwVZz6UZnAemKfjwi3ZW6RpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8224f6155fce5c71-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
d5943860ed1143b6b08163bf61a7c323.png
18qcq1.buzz/upload/site/20231005-1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18qcq1.buzz/upload/site/20231005-1/d5943860ed1143b6b08163bf61a7c323.png
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e22c4cc5ac7a4fbd60bc46a29f1ca9d2d0fda5674a888e4ff0861481bc809c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Oct 2023 12:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"651eaf9a-1bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsOdpUR2y1MXghgWI75gI5dS51Cn6qgJPqSsyrCYtgmEHAwm7PB3X1axJQgPZvrdKyJzfNWpF%2FGxQbqYLeG0eEi1K6BavQy39%2FxVX6G5HYfvG0d%2B8Az5dPRwlAJZxSujOlqycgJ3LRR4Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8224f6155fcf5c71-MIA
alt-svc
h3=":443"; ma=86400
content-length
7125
expires
Thu, 07 Dec 2023 10:41:00 GMT
4.png
www.wjnyapp.skin/template/cg/img/ 		510 KB
511 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wjnyapp.skin/template/cg/img/4.png
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295af394fac5c65a74597ce333328a2f8e4a20069d49b037ef74c4000f0874d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:40:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456273
alt-svc
h3=":443"; ma=86400
content-length
522121
last-modified
Tue, 11 Jul 2023 21:35:46 GMT
server
cloudflare
etag
"64adcb32-7f789"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxZY9FAaWW5lQbFfq3oj5sb%2BWJWuRkyVRZWv8VsFKe51YwL8mO%2Fm7bSMcRy0GtzPjFfJM5P2EjA7uqD570%2F6RA0ajzaYgC8%2BSgkJfPIltAtMPRx9asNocVuQtWSsQcRCQ3789nlsEWFEzrQGAvMz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8224f615d99731dd-MIA
expires
Sat, 02 Dec 2023 03:56:26 GMT
2dcfb91065b8766728c8eda0c2407314.jpg
feimian.slsltutu.com/upload/vod/20231006-1/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231006-1/2dcfb91065b8766728c8eda0c2407314.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e8c4ad40475521846faeaa9ce2da84a2d701629035237c611ee389e5e92787

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
3561
cf-polished
origSize=24391, status=webp_bigger
content-length
22730
cf-bgj
imgq:85,h2pri
last-modified
Fri, 06 Oct 2023 09:06:37 GMT
server
cloudflare
etag
"651fce1d-5f47"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6173d1a2239-MIA
4572d2ab5d22facc1d661b093e548d28.jpg
feimian.slsltutu.com/upload/vod/20230501-39/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230501-39/4572d2ab5d22facc1d661b093e548d28.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f06f35f299c18e63feb7f48a8a15187a6a046aa9c0c7990263812d92c8acb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Mon, 01 May 2023 05:46:21 GMT
server
cloudflare
etag
"644f522d-16879"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6176d492239-MIA
content-length
92281
134c1edf084dc01c95d2cfd605556af5.jpg
feimian.slsltutu.com/upload/vod/20230321-1/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230321-1/134c1edf084dc01c95d2cfd605556af5.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8220302933a43fb19a6f06bfa57f3db6cbfa1eee6ec90ef85f2958c45aacd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
499
cf-polished
qual=85, origFmt=jpeg, origSize=45280
content-disposition
inline; filename="134c1edf084dc01c95d2cfd605556af5.webp"
content-length
40188
cf-bgj
imgq:85,h2pri
last-modified
Tue, 21 Mar 2023 12:27:36 GMT
server
cloudflare
etag
"6419a2b8-b0e0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6184dc72239-MIA
c317fcda0066c160629a302734a27db9.jpg
feimian.slsltutu.com/upload/vod/20230909-1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230909-1/c317fcda0066c160629a302734a27db9.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9798c13bc762bfe6296f63f29eeb874fe4433467317af715a89362a8aa6fd8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Sep 2023 05:34:10 GMT
server
cloudflare
etag
"64fc03d2-1e6d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf3e2239-MIA
content-length
7789
deb48c3211f469dcc70069cfbe891c38.jpg
feimian.slsltutu.com/upload/vod/20230427-40/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230427-40/deb48c3211f469dcc70069cfbe891c38.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037ac84f6ab866c163970940e4937114926275b0717de5cb0343eee2ec0a8875

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Apr 2023 06:09:28 GMT
server
cloudflare
etag
"644a1198-eaec"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf3f2239-MIA
content-length
60140
e3fade088102e4c5d324042ac0f759da.jpg
feimian.slsltutu.com/upload/vod/20230328-36/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230328-36/e3fade088102e4c5d324042ac0f759da.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daf6ba41eb48c2968f3467e6ac8015034400f26e25b55290e93274931e41dbb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Mar 2023 04:06:08 GMT
server
cloudflare
etag
"642267b0-db47"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf402239-MIA
content-length
56135
9a26d54c1a3a33c7f9f65b7f0df4efb9.jpg
feimian.slsltutu.com/upload/vod/20230720-1/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230720-1/9a26d54c1a3a33c7f9f65b7f0df4efb9.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e2da28b8cbf66dd24da22088c217e3eca6c1c9aa3df24860f08486423eab008

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Thu, 20 Jul 2023 09:56:57 GMT
server
cloudflare
etag
"64b904e9-36db"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf422239-MIA
content-length
14043
be40dab4ad7fd6680159bfb6bee532ee.jpg
feimian.slsltutu.com/upload/vod/20221124-1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20221124-1/be40dab4ad7fd6680159bfb6bee532ee.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4873887b3cf5fd4ef2d607a69de5288252384047e97cbb69bcd83876041d40a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 12:02:34 GMT
server
cloudflare
etag
"637f5d5a-1b6e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf432239-MIA
content-length
7022
68a7de9fc28876cfaa717b62a85818ec.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/68a7de9fc28876cfaa717b62a85818ec.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a79b10778abea396c4c8641cf8a7f8d1ad4e2dee3060a487abce6be9469313

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=6522
content-disposition
inline; filename="68a7de9fc28876cfaa717b62a85818ec.webp"
content-length
5412
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:49 GMT
server
cloudflare
etag
"6547149d-197a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf442239-MIA
ad537e0b161eef018f1d26d7f6fe2fcf.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/ad537e0b161eef018f1d26d7f6fe2fcf.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1125d968e40b5a16077801d01a714da16bef37b38097239672d1f3dc4ab94a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
3088
cf-polished
qual=85, origFmt=jpeg, origSize=6602
content-disposition
inline; filename="ad537e0b161eef018f1d26d7f6fe2fcf.webp"
content-length
4330
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:49 GMT
server
cloudflare
etag
"6547149d-19ca"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf452239-MIA
93db2f00e18408fd1f1a1d915fb8ed55.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/93db2f00e18408fd1f1a1d915fb8ed55.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d966ef9f526d6c3ffc9f8ea780fb2c83b48f5d867ef1c544b8aa18e3638a6ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=9447
content-disposition
inline; filename="93db2f00e18408fd1f1a1d915fb8ed55.webp"
content-length
8450
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:49 GMT
server
cloudflare
etag
"6547149d-24e7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf462239-MIA
49f65352810b5384ed8838cc6a52c0a6.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/49f65352810b5384ed8838cc6a52c0a6.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58da8aba46f35759ce60d691deeebfab532f42c93c3f9c67c062afc371319c3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=6824
content-disposition
inline; filename="49f65352810b5384ed8838cc6a52c0a6.webp"
content-length
5864
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:53 GMT
server
cloudflare
etag
"654714a1-1aa8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf472239-MIA
23d9f94c97deb81d160912e94e27d57d.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/23d9f94c97deb81d160912e94e27d57d.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a540f482305b2196f6e0a0e77a35bd19cd33b5d049c104ee34531e8ec4394896

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
3088
cf-polished
qual=85, origFmt=jpeg, origSize=9765
content-disposition
inline; filename="23d9f94c97deb81d160912e94e27d57d.webp"
content-length
8922
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:57 GMT
server
cloudflare
etag
"654714a5-2625"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619bf482239-MIA
91b7c52d5fcbf2e34fec99036eb9803c.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/91b7c52d5fcbf2e34fec99036eb9803c.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f0dcd080e53f24dd41db407b725e87d936da21ef2babd0fd4b546b6abe8bf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=10760
content-disposition
inline; filename="91b7c52d5fcbf2e34fec99036eb9803c.webp"
content-length
9958
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:57 GMT
server
cloudflare
etag
"654714a5-2a08"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef562239-MIA
f09e4788095a0563997f54460044624d.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/f09e4788095a0563997f54460044624d.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00487734495dbe4b2ba7320ce49183e8581d1c3729aa08c9a1daa1adc394b05f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
3088
cf-polished
qual=85, origFmt=jpeg, origSize=7407
content-disposition
inline; filename="f09e4788095a0563997f54460044624d.webp"
content-length
6034
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:57 GMT
server
cloudflare
etag
"654714a5-1cef"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef572239-MIA
e3db68d4b1309f569d449c099204f54a.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/e3db68d4b1309f569d449c099204f54a.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a982ac738d440fab44db00a9ec58128dbc54cf068812751044085abb78e53c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:57 GMT
server
cloudflare
cf-polished
origSize=10805, status=webp_bigger
etag
"654714a5-2a35"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef582239-MIA
content-length
10256
ec9c63fe04903716a4dc3509f2f263bf.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		426 KB
427 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/ec9c63fe04903716a4dc3509f2f263bf.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7451bcb85fe350b4af3a5a5587e53a14fe6cef9f9739a16fb53ee8d22e8fe1c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=697333
content-disposition
inline; filename="ec9c63fe04903716a4dc3509f2f263bf.webp"
content-length
436214
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:06:18 GMT
server
cloudflare
etag
"654714ba-aa3f5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef5a2239-MIA
00a2bbe51de44c2f297bda0c75d7f0a6.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		953 KB
954 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/00a2bbe51de44c2f297bda0c75d7f0a6.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8e75f01fc474f00e295dfca534f09a305ad3ac1a27b28378bcff8fd735db94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
6077
cf-polished
qual=85, origFmt=jpeg, origSize=1170521
content-disposition
inline; filename="00a2bbe51de44c2f297bda0c75d7f0a6.webp"
content-length
975678
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:06:18 GMT
server
cloudflare
etag
"654714ba-11dc59"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef5b2239-MIA
338f356e1ceaad26762f7e0087725150.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/338f356e1ceaad26762f7e0087725150.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf4354910cdf4ec054ff186fa1450cc062d72d3232cc847b8702083953a4b32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
5929
cf-polished
qual=85, origFmt=jpeg, origSize=2332191
content-disposition
inline; filename="338f356e1ceaad26762f7e0087725150.webp"
content-length
2120042
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:06:18 GMT
server
cloudflare
etag
"654714ba-23961f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef5c2239-MIA
3df4629d91f00b1501e9e9d3adbf8c5a.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		436 KB
437 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/3df4629d91f00b1501e9e9d3adbf8c5a.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b9137651eb025430c3507564ab18d199e1df704a123f673579a7795cbc19a50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=3891663
content-disposition
inline; filename="3df4629d91f00b1501e9e9d3adbf8c5a.webp"
content-length
446814
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:06:18 GMT
server
cloudflare
etag
"654714ba-3b61cf"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef5d2239-MIA
bec268706b7ff4c7217710c6bee59d34.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/bec268706b7ff4c7217710c6bee59d34.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b442892c5b94c6abfbbad22dd3a5a44bb2695b96fb7559de75e6cdf501cf32e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
HIT
age
5425
cf-polished
origSize=1361133, status=webp_bigger
content-length
1284619
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:06:18 GMT
server
cloudflare
etag
"654714ba-14c4ed"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef5e2239-MIA
2ebb5139c71a61573ed7cbab642d5285.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/2ebb5139c71a61573ed7cbab642d5285.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587a21383e237984e2eafb93c3db42e9bdaff178b16987dcb2205dbc6e60c814

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=174572
content-disposition
inline; filename="2ebb5139c71a61573ed7cbab642d5285.webp"
content-length
126398
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:23 GMT
server
cloudflare
etag
"65471483-2a9ec"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef5f2239-MIA
25660b1d277f1bfccae306e0454fdb15.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		551 KB
552 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/25660b1d277f1bfccae306e0454fdb15.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c951ad388a453b12540db7ad8b18fc3b2046a08b66df2b34165e20775d3be4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=990828
content-disposition
inline; filename="25660b1d277f1bfccae306e0454fdb15.webp"
content-length
564252
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:28 GMT
server
cloudflare
etag
"65471488-f1e6c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef612239-MIA
c2b611b5817cfd086e9344db9212f5e3.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/c2b611b5817cfd086e9344db9212f5e3.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c520a5a400b6b68f5760b98d480e9468a52969423e64157d83f8f87a48f6fe75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Sun, 05 Nov 2023 04:05:33 GMT
server
cloudflare
etag
"6547148d-26835"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef622239-MIA
content-length
157749
56b3ec70cb2b14023f466fe3ca0d07de.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/56b3ec70cb2b14023f466fe3ca0d07de.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91bc429d2263c6eee103a022eafb547295f08b9c7bafdbd20769c65246a7e1b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:23 GMT
server
cloudflare
cf-polished
origSize=16634, status=webp_bigger
etag
"65471483-40fa"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef642239-MIA
content-length
15816
a7d079774a7e7ac2928a643008c5ee55.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/a7d079774a7e7ac2928a643008c5ee55.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c556509f6fe7cbd41467c8f401ca3607725815aa0fbda4a966104242ab7dfbf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=7653
content-disposition
inline; filename="a7d079774a7e7ac2928a643008c5ee55.webp"
content-length
4984
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:23 GMT
server
cloudflare
etag
"65471483-1de5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef652239-MIA
3d83f0e5b959beb682029c22ddb0675c.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/3d83f0e5b959beb682029c22ddb0675c.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655d19500ac8384ab21e0eadcfb2510efa791a1e26f96b74044e0155c7fcdc36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=178749
content-disposition
inline; filename="3d83f0e5b959beb682029c22ddb0675c.webp"
content-length
127414
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:23 GMT
server
cloudflare
etag
"65471483-2ba3d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef662239-MIA
e02c3e54771bb095cf9ec74b42377a23.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/e02c3e54771bb095cf9ec74b42377a23.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f81074a4204b7d7b208fa45a4354d0af713ad783e5c9607fc254da54ff6d14d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=12859
content-disposition
inline; filename="e02c3e54771bb095cf9ec74b42377a23.webp"
content-length
11230
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:23 GMT
server
cloudflare
etag
"65471483-323b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef672239-MIA
e5ad00b001b339f0ae6646a9b8ebfa9e.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/e5ad00b001b339f0ae6646a9b8ebfa9e.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14ab1ca7dbc14f62d3e649fd7e39589d8834ffee956a7f3d9de2d054846de9ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=159266
content-disposition
inline; filename="e5ad00b001b339f0ae6646a9b8ebfa9e.webp"
content-length
111540
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:23 GMT
server
cloudflare
etag
"65471483-26e22"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef682239-MIA
f34292562e8b32a76e08f85787099873.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/f34292562e8b32a76e08f85787099873.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0dc02f222d776ef6bb9c8e214f3aaa63c33518d85737f00257f91b00da5f43f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=8085
content-disposition
inline; filename="f34292562e8b32a76e08f85787099873.webp"
content-length
5130
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:27 GMT
server
cloudflare
etag
"65471487-1f95"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef692239-MIA
afd2fca29945c05b6d370375c3476924.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/afd2fca29945c05b6d370375c3476924.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425d372553715d4670dcbb59674b4a09a56c61b5f5071ec189f21f284875fbd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=6986
content-disposition
inline; filename="afd2fca29945c05b6d370375c3476924.webp"
content-length
4858
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Nov 2023 04:05:27 GMT
server
cloudflare
etag
"65471487-1b4a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef6b2239-MIA
f7845c9a626574777f0878c12cad9f84.jpg
feimian.slsltutu.com/upload/vod/20231105-1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231105-1/f7845c9a626574777f0878c12cad9f84.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338d7f35ac3e99b9fae6f1bda878ea46d02ac89d90c110889181cf413231bb5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Sun, 05 Nov 2023 04:05:27 GMT
server
cloudflare
etag
"65471487-1c4e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f619ef6c2239-MIA
content-length
7246
email-decode.min.js
18qcq1.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2023 14:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"653bc982-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKoHqKwa8cBcdPSr11rH6LEUFsLb%2FyOvGYlYbyo1q0IYcougq9hfOLZmAmpzauiP8iNTxHNbYrG8LqiNb00TFrF15QeZtwXK7Qs7MAtsA8hWoF48pSfPwulHKHld7AHo%2BNUplIE7ivMnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8224f618889e0345-MIA
expires
Thu, 09 Nov 2023 10:41:00 GMT
main.min.js
18qcq1.buzz/template/peachb-zi/js/ 		356 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/js/main.min.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c40e8031b58141018538a222c3e39399e78b2bc66d2a8be23b9ecd4f527f3e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 08:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6284b570-59120"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rv%2FgYhyWy0nDMwNWVsOgQMcWBE9dXXccctCYllxLczPbPTOf6sqE7WU0YBi4wJ9hKnyHQ0cqhQNVE60cWB6SN13%2B10oY%2FYmXF3wA9wbXCqoZTKhJcwUJRgNIoFdy2DFnVszAbjjhQxwIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8224f618b8b70345-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
arrow-right.png
18qcq1.buzz/template/peachb-zi/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18qcq1.buzz/template/peachb-zi/images/arrow-right.png
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0879ba25f70e7b929cdfadc5143b23ede486ebc83951af1ea81c3ffa34ff080

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 08:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6284b570-1191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqzMiDFCZKjrSFaRO1IgWIVGgKVVJPet04OODrdgQYDtSUHVadBWmOOUa3%2BBNcPB8zh1Oq9HSoA90Wj7qWULOolsNR1EkIMzuxvIU%2BoKrVzHYR473xQWzt5COeXGG2J7TSLaEky6EG4Ytg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8224f619b99a0345-MIA
alt-svc
h3=":443"; ma=86400
content-length
4497
expires
Thu, 07 Dec 2023 10:41:00 GMT
layer.js
18qcq1.buzz/template/peachb-zi/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/js/layer.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 08:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6284b570-5664"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hlR2etQBAkg%2FtkKfddWgU85wzo4g1nIFhRzSiM%2Bs%2B676xul%2BzBeAb8e%2BOA72Egd8fnBfH0FBiY9vVFIDfEN%2BOF138T5v9uAcndoKnkXM5v4yE94RyJ8eVBzz%2F7AyHkPLrbaYMUupjClww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8224f619a9900345-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 22:41:00 GMT
search.svg
18qcq1.buzz/template/peachb-zi/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18qcq1.buzz/template/peachb-zi/images/search.svg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/template/peachb-zi/css/all-responsive-metal.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d77c01823b80be5ef5e5ac9a74cf0fcd2ebfe33f70be009e3ed22393c39899

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/template/peachb-zi/css/all-responsive-metal.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 08:58:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6284b544-c43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcZQXLMl8K7bPZ2ilhQskIaHFJuFF6p5KyfE7VltLTtM1R4bdJvyIWvk4SqI5Yx%2BwH7DtaXYil6RZEdf2sQnpvcX9sXJAlRMo3tYNbCuWAUQGh1vve9jtq1gmH48J1rQDRZe0%2BvvYUiKVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8224f619c99f0345-MIA
alt-svc
h3=":443"; ma=86400
icomoon.ttf
18qcq1.buzz/template/peachb-zi/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/fonts/icomoon.ttf
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/template/peachb-zi/css/all-responsive-metal.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2674595ece6d29bba3197719873b35d8e2893e9eb3a0271bad0ea717e9b3d405

Request headers

Referer
https://18qcq1.buzz/template/peachb-zi/css/all-responsive-metal.css
Origin
https://18qcq1.buzz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:00 GMT
cf-cache-status
MISS
last-modified
Thu, 19 May 2022 15:00:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62865ba0-2560"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpFZ9aDCxDKNhSw8BVPyiZ2JGE%2Ft4EAZFh8Kgqmk%2FCKbseIzWxVHzm6nihMKSm8J%2BJt73t1ZhOD846tl5OnPk3a07iJ51TfnlFbPdr1E1Dul2YBGgTyYyE2%2BEvK6COiI9f%2FQAI6Ic5tyag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8224f61a09e20345-MIA
alt-svc
h3=":443"; ma=86400
content-length
9568
layer.css
18qcq1.buzz/template/peachb-zi/js/theme/default/ 		0
473 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://18qcq1.buzz/template/peachb-zi/js/theme/default/layer.css?v=3.1.1
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/template/peachb-zi/js/layer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
MISS
last-modified
Thu, 19 May 2022 14:46:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6286585a-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTqFSlax2XiB2yDItnBelXYeIGSOup5RyVRfHcEaFIJ1ddcZVHSzRNmmBLmiHQ5INbui8eH9BtgKAWJGYM2ZCLEaiYuNIXtH3eoUyyG5LgIRFb1BhtVCbUQs38AMYr2MX8nQT09lCZxpbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
8224f61fff270345-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Tue, 07 Nov 2023 22:41:01 GMT
matomo.js
fnsn79.top/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fnsn79.top/matomo.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a2f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41224
cf-polished
origSize=65842
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 02 Jul 2023 13:59:18 GMT
server
cloudflare
etag
W/"64a182b6-10132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWiBnFXE3EVhjQ9ZBD2KHbnNWFEbrOQNK8RaONNpkoEJfcslfJ5r8LesF%2BoFyo6p6rAjX9RHHRkctXh798Kn32GzSzhi9ozOrm1f%2BHwUT7h1medKZj7GiWy7AgYxhTZ%2BfIGfCQ9%2Bom3g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8224f6208e86029b-MIA
expires
Tue, 07 Nov 2023 11:13:57 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
42057
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8224f620593ada6b-MIA
content-length
4547
o.js
appsdk.xn--15q617acha879f.com/ 		0
0
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/webp
/
18qcq1.buzz/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18qcq1.buzz/?mode=async&action=js_stats&rand=1699353661433
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:bdec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtOAEUsNwq3dTh8E9VacqDgS6KNaZL1kPut3UQos0jUWGlqaDXlKyu6wfGmtxb0z%2Bdwg7fqyFoj3CawQRGoRgQ%2Bqa8x4kW5Hfm4uxsAFaLKasyKGR31YuMD%2Fe1LSi%2BaQA7DYSiEgqkAUDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
8224f6201f3f0345-MIA
alt-svc
h3=":443"; ma=86400
2dcfb91065b8766728c8eda0c2407314.jpg
feimian.slsltutu.com/upload/vod/20231006-1/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20231006-1/2dcfb91065b8766728c8eda0c2407314.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e8c4ad40475521846faeaa9ce2da84a2d701629035237c611ee389e5e92787

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
3562
cf-polished
origSize=24391, status=webp_bigger
content-length
22730
cf-bgj
imgq:85,h2pri
last-modified
Fri, 06 Oct 2023 09:06:37 GMT
server
cloudflare
etag
"651fce1d-5f47"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c8d2239-MIA
4572d2ab5d22facc1d661b093e548d28.jpg
feimian.slsltutu.com/upload/vod/20230501-39/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230501-39/4572d2ab5d22facc1d661b093e548d28.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f06f35f299c18e63feb7f48a8a15187a6a046aa9c0c7990263812d92c8acb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
1
cf-polished
status=not_needed
content-length
92281
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 05:46:21 GMT
server
cloudflare
etag
"644f522d-16879"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c8e2239-MIA
134c1edf084dc01c95d2cfd605556af5.jpg
feimian.slsltutu.com/upload/vod/20230321-1/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230321-1/134c1edf084dc01c95d2cfd605556af5.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8220302933a43fb19a6f06bfa57f3db6cbfa1eee6ec90ef85f2958c45aacd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
500
cf-polished
qual=85, origFmt=jpeg, origSize=45280
content-disposition
inline; filename="134c1edf084dc01c95d2cfd605556af5.webp"
content-length
40188
cf-bgj
imgq:85,h2pri
last-modified
Tue, 21 Mar 2023 12:27:36 GMT
server
cloudflare
etag
"6419a2b8-b0e0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c8f2239-MIA
c317fcda0066c160629a302734a27db9.jpg
feimian.slsltutu.com/upload/vod/20230909-1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230909-1/c317fcda0066c160629a302734a27db9.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0776611e254bbf56cb7b3a235766af24dd8ba596976a3ccfa12764b8ea690b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
1
cf-polished
qual=85, origFmt=jpeg, origSize=7789
content-disposition
inline; filename="c317fcda0066c160629a302734a27db9.webp"
content-length
6190
cf-bgj
imgq:85,h2pri
last-modified
Sat, 09 Sep 2023 05:34:10 GMT
server
cloudflare
etag
"64fc03d2-1e6d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c902239-MIA
deb48c3211f469dcc70069cfbe891c38.jpg
feimian.slsltutu.com/upload/vod/20230427-40/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230427-40/deb48c3211f469dcc70069cfbe891c38.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61c443d8cefb71d153719a196a00e783ababfdfbf9cf2311305efd2a77fc459

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
1
cf-polished
qual=85, origFmt=jpeg, origSize=60140
content-disposition
inline; filename="deb48c3211f469dcc70069cfbe891c38.webp"
content-length
57230
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Apr 2023 06:09:28 GMT
server
cloudflare
etag
"644a1198-eaec"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c912239-MIA
e3fade088102e4c5d324042ac0f759da.jpg
feimian.slsltutu.com/upload/vod/20230328-36/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230328-36/e3fade088102e4c5d324042ac0f759da.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d2d99a8ec9a0fee6465377b1b3d92b598c22d3cf57f43ac6d7fbba50d8d656

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
1
cf-polished
qual=85, origFmt=jpeg, origSize=56135
content-disposition
inline; filename="e3fade088102e4c5d324042ac0f759da.webp"
content-length
46942
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Mar 2023 04:06:08 GMT
server
cloudflare
etag
"642267b0-db47"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c922239-MIA
9a26d54c1a3a33c7f9f65b7f0df4efb9.jpg
feimian.slsltutu.com/upload/vod/20230720-1/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20230720-1/9a26d54c1a3a33c7f9f65b7f0df4efb9.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff87e5b79f44ef4e2fabd85150bd57c11afeed2a21ea0950158eca768587efe4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
1
cf-polished
qual=85, origFmt=jpeg, origSize=14043
content-disposition
inline; filename="9a26d54c1a3a33c7f9f65b7f0df4efb9.webp"
content-length
12572
cf-bgj
imgq:85,h2pri
last-modified
Thu, 20 Jul 2023 09:56:57 GMT
server
cloudflare
etag
"64b904e9-36db"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c942239-MIA
be40dab4ad7fd6680159bfb6bee532ee.jpg
feimian.slsltutu.com/upload/vod/20221124-1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feimian.slsltutu.com/upload/vod/20221124-1/be40dab4ad7fd6680159bfb6bee532ee.jpg
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a6999b33a9d28c8392563189d88ea962899cdd09caa78896df298c4598ab05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:01 GMT
cf-cache-status
HIT
age
1
cf-polished
qual=85, origFmt=jpeg, origSize=7022
content-disposition
inline; filename="be40dab4ad7fd6680159bfb6bee532ee.webp"
content-length
5278
cf-bgj
imgq:85,h2pri
last-modified
Thu, 24 Nov 2022 12:02:34 GMT
server
cloudflare
etag
"637f5d5a-1b6e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8224f6202c952239-MIA
0.php
s4.histats.com/stats/ 		381 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4776751&@f16&@g1&@h1&@i1&@j1699353661525&@k0&@l1&@m%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8%20-%20%E5%A4%A7%E4%B8%AD%E5%9B%BD-www.18qcq.top&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-87036764&@b3:1699353662&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F18qcq1.buzz%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534299.ip-149-56-240.net
Software
/
Resource Hash
6b48ec47c2c0cd7aea1f6aee26b9b72268a4f0ac49dfb986a5f363876bc8ff31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:01 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ 		379 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4805701&@f16&@g1&@h1&@i1&@j1699353661525&@k0&@l1&@m%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8%20-%20%E5%A4%A7%E4%B8%AD%E5%9B%BD-www.18qcq.top&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:35317754&@b3:1699353662&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F18qcq1.buzz%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534299.ip-149-56-240.net
Software
/
Resource Hash
86cf087398dd3b828fb6e85704678f25b4fe90279b86f92d24c1affab71aca84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:01 GMT
Connection
close
Content-Length
379
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ 		381 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4776751&@f16&@g0&@h2&@i1&@j1699353661528&@k3&@l2&@m%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8%20-%20%E5%A4%A7%E4%B8%AD%E5%9B%BD-www.18qcq.top&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:123078509&@b3:1699353662&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F18qcq1.buzz%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534299.ip-149-56-240.net
Software
/
Resource Hash
6b48ec47c2c0cd7aea1f6aee26b9b72268a4f0ac49dfb986a5f363876bc8ff31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:01 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ 		379 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4805701&@f16&@g0&@h2&@i1&@j1699353661528&@k3&@l2&@m%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8%20-%20%E5%A4%A7%E4%B8%AD%E5%9B%BD-www.18qcq.top&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-99252785&@b3:1699353662&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F18qcq1.buzz%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534299.ip-149-56-240.net
Software
/
Resource Hash
86cf087398dd3b828fb6e85704678f25b4fe90279b86f92d24c1affab71aca84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:01 GMT
Connection
close
Content-Length
379
Content-Type
text/html;charset=UTF-8
matomo.php
fnsn79.top/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fnsn79.top/matomo.php?action_name=%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8%20-%20%E5%A4%A7%E4%B8%AD%E5%9B%BD-www.18qcq.top&idsite=22&rec=1&r=946619&h=0&m=41&s=1&url=https%3A%2F%2F18qcq1.buzz%2F&_id=f3fd156b684b5633&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=hQecsn&pf_net=82&pf_srv=701&pf_tfr=196&pf_dm1=1705&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: fnsn79.top
URL: https://fnsn79.top/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a2f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://18qcq1.buzz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y75bEbSnhLk4CZ60rG0gGdPYtrSxVUhhbqJGR4kIUrDo%2BG5zAqdxa8HuS0Q1a%2F55lFq7KoaVTCTJBxSUU5PxxJTHd8Mo5P3%2B4UQO1yXjP48oK2FOG3MPzOPDK0FukdCwzhsRRytflun2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://18qcq1.buzz
access-control-allow-credentials
true
cf-ray
8224f620deb8029b-MIA
alt-svc
h3=":443"; ma=86400
/
e.dtscout.com/e/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4776751&@f16&@g1&@h1&@i1&@j1699353661525&@k0&@l1&@m%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8%20-%20%E5%A4%A7%E4%B8%AD%E5%9B%BD-www.18qcq.top&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-87036764&@b3:1699353662&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F18qcq1.buzz%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58048e62ca1e49fbdca38e0367564f701a807b8e26e88cd7414b0f8840bdd773

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
x-t
0.274
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UH3hv9nfY9lL3gy3B%2B9fC63b8W64Ayd%2FR5WwtcbPouYA1PNMEVfV1igZfr64PF4dDFAqDuUa0r4YzoqVfLMw4xkcNkYVOPbbykvJYvVtybjwzvfbO1kEQVHeUIpbD8wK2TkUn8RPDkGQIbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
ger1
cf-ray
8224f6223e9f3347-MIA
expires
Tue, 07 Nov 2023 10:41:00 GMT
/
t.dtscout.com/idg/ Frame 4639 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c719f88b144ed9489dd30ffcde5c7543b8a49026a87bd7bb5e4cdd9ecd9b244

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8224f623f8703347-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Nov 2023 10:41:02 GMT
expires
Tue, 07 Nov 2023 10:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R%2BZvZTNPqI55usjkUcuKLy1Qs6ZQ6NhvcIONw4yq0QxdZtYIr00v8Uhh6%2FMbu19JobWCaX1iDjQNPC8Vw%2FLocHk1WBBiuH3TwZcF%2B9iK6SUIMcdEWx4CrF8oZchXcKmIdMzHVecctELO2g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-48.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 6aa8d2883437a2897f326bfc58beed3c.cloudfront.net (CloudFront)
date
Mon, 06 Nov 2023 11:24:26 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
86123
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
ZabDZbWyAUBY2-now-WBu5y0kNqdpom2Iy5CWZ-PvLYU54w3jFYcxg==
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.223.148 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-223-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c2b12d47bf680cedd373721c518f0f5380e5e32c414d7138fc55b5bf5d488d8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2273
Content-Type
application/javascript
afwu.js
cdn.tynt.com/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
age
243100
etag
W/"651ed188-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8224f6248d6b2576-MIA
expires
Fri, 10 Nov 2023 10:41:02 GMT
/
t.dtscout.com/pv/ 		51 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=18qcq1.buzz&_ss=43zeoxifsy&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5vcf&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276dd1cdfa3ddb0e93ea65e4de37dc26e4133797fb14fa78849ca70d68f3e1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
x-t
0.15
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAMlV05yyp0xsT5yOZH30nP2MfyXQ2S7tMkDNgSYIqA87Qygo4eO8C%2BJjgdWk1p1lG5moZ6N8CIrXxeuHQPz0fCzrNdFulEIuekY9iOiW2TiCIEs4fcmyky3fdfdMcCNs5lzRjGb9tMtpd4%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
8224f623f8773347-MIA
expires
Tue, 07 Nov 2023 10:41:01 GMT
/
t.dtscout.com/idg/ Frame 5C7F 		1 KB
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddd91d2d8d2b28c38c1eee5dcac04119d41cbe8994b0c3d7665a2eb1c51fecb

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8224f623f8733347-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Nov 2023 10:41:02 GMT
expires
Tue, 07 Nov 2023 10:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F%2BjNjImr5ysMBlkT%2BsxdMGOmnUNpDWds75rb9vH%2FmaNH45yeJyA5aAr5sDk%2FZz%2FiSvOaAKo%2FAz3FNaI8wsAcBHQ8sIFQLivdyXVoDNPwg6HutUMuil1OGDi7PYQlqJELNEhrbjE%2BC1PdN8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
t.dtscout.com/idg/ Frame 3886 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f17039655bbf2a1d404a67c49127ae30756c179a7f411f12dca5a8e7ba7bd2e

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8224f623f8753347-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Nov 2023 10:41:02 GMT
expires
Tue, 07 Nov 2023 10:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9h03Otg24Na%2FfHyPT29G3s0ZqDnUzRKZ6wMss0dtjBVRO8rzUY54MZk1fHePUcotJJQ0nFOYVFgggSQ5aNVG%2Fm%2F2kUjI1c2StZDxcXvrR%2FfU2u0JToACmNyw7oERj7dYdzgnM%2BRBHWtZu0E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
t.dtscout.com/idg/ Frame C224 		1 KB
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=51A01699353661C9CDCDC5F7CD95A335
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0216418434db22f90d63f396fa935ca96cf63e081816c8920cab60005f06b950

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8224f623f8763347-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Nov 2023 10:41:02 GMT
expires
Tue, 07 Nov 2023 10:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wngMO42bVWzrQrRUKGhNQ6iuGfel9NjbXDnVRJ8iXmYwct%2FVcZDr6Y3rpiWrimhIxQIZFp13xB1Bi3cYE5DHUxshQHqwaZjNagO%2BGAra6VyfZEtyGD2oQBtQRBqKYzsIF9kCYflBEKOKhS0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-41.iad12.r.cloudfront.net
Software
/
Resource Hash
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
via
1.1 dbd1543e724393accac6fa465477c430.cloudfront.net (CloudFront), 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
x-amzn-requestid
178baac1-a426-48c3-98ac-c9c33fcd250d
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
OBgZyFFhCYcEMKQ=
content-length
555
x-amz-cf-id
g-vQB2J4HVNF3wpMCIj2aFc9tOipNeVCvctVyDfU8FCFW5Lc7JTn2A==
/
onetag-geo.s-onetag.com/ 		555 B
963 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-41.iad12.r.cloudfront.net
Software
/
Resource Hash
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
via
1.1 dbd1543e724393accac6fa465477c430.cloudfront.net (CloudFront), 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
x-amzn-requestid
178baac1-a426-48c3-98ac-c9c33fcd250d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
OBgZyFFhCYcEMKQ=
content-length
555
x-amz-cf-id
rCSB5Z0g70ZlvY0UTjyu2Amj71tEl3C20wsOMO0W5y_rn0VXYYQX8A==
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-41.iad12.r.cloudfront.net
Software
/
Resource Hash
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
via
1.1 dbd1543e724393accac6fa465477c430.cloudfront.net (CloudFront), 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
x-amzn-requestid
178baac1-a426-48c3-98ac-c9c33fcd250d
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
OBgZyFFhCYcEMKQ=
content-length
555
x-amz-cf-id
sEsrFTfHhfMdphH2gcCTwjri5JBRVku-8T7g-PcJeAMfO6UYJxkjwA==
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-41.iad12.r.cloudfront.net
Software
/
Resource Hash
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
via
1.1 dbd1543e724393accac6fa465477c430.cloudfront.net (CloudFront), 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
x-amzn-requestid
178baac1-a426-48c3-98ac-c9c33fcd250d
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
OBgZyFFhCYcEMKQ=
content-length
555
x-amz-cf-id
VWTmCZrT-f42OtHcHcvOTARbs1Xx08EBXwiUYjXpQlrugo2xqW2ZwA==
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1699353662243&dn=AFWU&iso=0&pu=https%3A%2F%2F18qcq1.buzz%2F&ct=%E6%8F%90%E4%BE%9B%E6%9C%80%E6%96%B0%E6%9C%80%E5%BF%AB%E7%9A%84%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E6%95%B0%E6%8D%AE&t=%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8%20-%20%E5%A4%A7%E4%B8%AD%E5%9B%BD-www.18qcq.top&chmob=0
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
/
t.dtscdn.com/widget/ 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=51A01699353661C9CDCDC5F7CD95A335&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2F18qcq1.buzz%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F18qcq1.buzz%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:02 GMT
x-t
1.37
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aotde2n1vaGzWkPX0qSwOP%2Be80KfQ7jDBiR4yg4atB3zmk9pJB4b4XiSQtJw%2BmkmnJaROoekEU%2F4cOZcIDWn6obLheXRJ1ANkewlAOwm9Xszgjk6ZShjOL783Sd9BC8vzXjXkvrmFeGvug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web15.ny1.dtscdn.com
cf-ray
8224f6264ddf9af1-MIA
expires
Tue, 07 Nov 2023 10:41:12 GMT
tpid=51A01699353661C9CDCDC5F7CD95A335
bcp.crwdcntrl.net/5/c=3825/tp=DTSC/ 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01699353661C9CDCDC5F7CD95A335
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.38.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-38-30.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.63.49
content-length
49
expires
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01699353661C9CDCDC5F7CD95A335
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:03 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.027554700072220495&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd2835bec13ba8e1426bbf51d0f23c56cd1b1ed9ebf4345895c4698a038a320c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Tue, 07 Nov 2023 11:41:02 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2F18qcq1.buzz%2F&event_source=dtscout&rnd=0.027554700072220495&exptid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&fcmp=false
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.223.148 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-223-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6444427966063944&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd2835bec13ba8e1426bbf51d0f23c56cd1b1ed9ebf4345895c4698a038a320c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Tue, 07 Nov 2023 11:41:02 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2F18qcq1.buzz%2F&event_source=dtscout&rnd=0.6444427966063944&exptid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&fcmp=false
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.223.148 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-223-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6369978193651706&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd2835bec13ba8e1426bbf51d0f23c56cd1b1ed9ebf4345895c4698a038a320c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Tue, 07 Nov 2023 11:41:02 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2F18qcq1.buzz%2F&event_source=dtscout&rnd=0.6369978193651706&exptid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&fcmp=false
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.223.148 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-223-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.872590761883441&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd2835bec13ba8e1426bbf51d0f23c56cd1b1ed9ebf4345895c4698a038a320c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Tue, 07 Nov 2023 11:41:02 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2F18qcq1.buzz%2F&event_source=dtscout&rnd=0.872590761883441&exptid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&fcmp=false
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.223.148 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-223-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2F18qcq1.buzz%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
61195f31f47c25797905f46e03f14da7372ec71141fdfd18974c2526ffee77be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 07 Nov 2023 10:41:02 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1493
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/ 		1014 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2F18qcq1.buzz%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
93b1ad51b407f3b6f7a2e6e11b2eaa439e8d97e1f5b636242ff0f0ef0d21e27f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 07 Nov 2023 10:41:02 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1014
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=3&chmob=0&r=&pu=https%3A%2F%2F18qcq1.buzz%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
be8c1048d5d0d5f6fe7f0074298cad44b028d8f4a805109fe4927c11cb2cc86f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 07 Nov 2023 10:41:02 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1163
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=4&chmob=0&r=&pu=https%3A%2F%2F18qcq1.buzz%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
b4f943ec6d6456f73b0d90bfb85382ec02bc7922eb048127027eb0c828f24136

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 07 Nov 2023 10:41:02 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1312
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
ps.eyeota.net/ 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1699353662561.1
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&_rand=1699353662561.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&_rand=1699353662561.2&expected_cookie=f256ea2a-2433-4b08-88d0-cad74856f201
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&_rand=1699353662561.2&expected_cookie=f256ea2a-2433-4b08-88d0-cad74856f201
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EF6FF971FE714BB3BD1EF033C4D8E13A Ref B: MIAEDGE2119 Ref C: 2023-11-07T10:41:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJjZt50mKm8LwB1TlrUA==

Redirect headers

date
Tue, 07 Nov 2023 10:41:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A29AE43C02D24EE894D6F18D9113E755 Ref B: MIAEDGE2119 Ref C: 2023-11-07T10:41:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=15927&puuid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&_rand=1699353662561.2&expected_cookie=f256ea2a-2433-4b08-88d0-cad74856f201
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJjZtp1C9/r4WI5IvxMA==
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&ts=1699353662561.3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D654a143f78685e0001979941%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D654a143f78685e0001979941%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/4398132518819044083?ch=654a143f78685e0001979941&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:04 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
date
Tue, 07 Nov 2023 10:41:04 GMT
content-encoding
gzip
content-length
134
vary
Accept-Encoding
content-type
text/html; charset=utf-8
362358.gif
idsync.rlcdn.com/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_pr...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968907271881008915&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353663.773328
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKnWGm5xoj3rD7gVTQ7YyQM&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKnWGm5xoj3rD7gVTQ7YyQM&google_cver=1
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKnWGm5xoj3rD7gVTQ7YyQM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&random=1699353662561.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&random=1699353662561.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef1055ed-0087-4bb8-a2c8-43cff488ba67%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef1055ed-0087-4bb8-a2c8-43cff488ba67%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent=
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:03 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

date
Tue, 07 Nov 2023 10:41:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef1055ed-0087-4bb8-a2c8-43cff488ba67%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1699353662561.6
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212336650252233
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212336650252233
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:02 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212336650252233
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=&random=1699353662561.7&pu=https%3A%2F%2F18qcq1.buzz%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212336642437333&seg_code=33x&random=1699353663
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212336642437333%26seg_code%3D33x%26random%3D1699353663
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212336642437333%26seg_code%3D33x%26random%3D1699353663
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
an-x-request-uuid
10341de9-9727-4385-891f-6dd4ba97e98e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
an-x-request-uuid
453654d1-540c-4186-bd7b-8be1c621e274
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212336642437333%26seg_code%3D33x%26random%3D1699353663
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.74; 38.132.118.74; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_.htm
t.sharethis.com/a/ Frame D757 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.027554700072220495&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 07 Nov 2023 10:41:02 GMT
Expires
Tue, 14 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame 4009 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6444427966063944&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 07 Nov 2023 10:41:02 GMT
Expires
Tue, 14 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame E863 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6369978193651706&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 07 Nov 2023 10:41:02 GMT
Expires
Tue, 14 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
27519
tags.bluekai.com/site/ Frame 5C43
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1699353662590.1
  • https://tags.bluekai.com/site/27519?id=212335593757218&ret=html&random=1699353663
71 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=212335593757218&ret=html&random=1699353663
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2F18qcq1.buzz%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.12.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-12-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

bk-server
41a8
content-length
71
content-type
text/html
date
Tue, 07 Nov 2023 10:41:03 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 07 Nov 2023 10:41:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=212335593757218&ret=html&random=1699353663
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP013
x-33x-status
400000000040080C
lotame-sync.html
cdn-tc.33across.com/ Frame E567 		343 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2F18qcq1.buzz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
174599
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
8224f627f865da77-MIA
content-encoding
gzip
content-type
text/html
date
Tue, 07 Nov 2023 10:41:02 GMT
etag
W/"651ed192-157"
expires
Fri, 10 Nov 2023 10:41:02 GMT
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
server
cloudflare
vary
Accept-Encoding
bk_sync.xgi
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662590.2
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662590.2&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023110710410300010809088645&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
23.219.12.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-12-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 10:41:04 GMT
pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
date
Tue, 07 Nov 2023 10:41:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1699353662590.3
  • https://d.agkn.com/pixel/6644/?che=1699353663936&sk=214950604693005264532
43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/6644/?che=1699353663936&sk=214950604693005264532
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
2600:9000:24f3:8200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 e14296585c8339d0a32f7c1d34fc00f2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
3Sj3WO00-kl89sBybDurhiR8P_CFy10Sjd6LUlvLPNoJLa906Sl2WA==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 6b8cdd1ce925ccd88cc918dd35811d06.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1699353663936&sk=214950604693005264532
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
oRIRoaqUL2jIraST7KsX107AwnqsQaUDi-jQOEhBiWUi1vJXXGb6pQ==
expires
0
dpx
i.simpli.fi/ 		95 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1699353662590.4&ref=
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
server
openresty
content-type
image/png; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
95
x-request-id
F5VRJ190USBJSTXB-kyH
expires
Thu, 01 Jan 1970 00:00:00 GMT
hbpix
idpix.media6degrees.com/orbserv/ 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=46305&pcv=58&ptid=96&tpuv=01&tpu=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&us_privacy=
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:4400::ac40:97ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
8224f62fb9d45c5f-MIA
content-length
43
pixel
ps.eyeota.net/ 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1699353662599.1
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_pr...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477420440505134&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353663.949641
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3119322924083082920
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3119322924083082920
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
an-x-request-uuid
051a6def-3ebb-4dc3-9af8-95001c5fca9e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3119322924083082920
x-proxy-origin
38.132.118.74; 38.132.118.74; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bk_sync.xgi
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662599.3
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023110710410300013526677156&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
23.219.12.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-12-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 10:41:04 GMT
pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
date
Tue, 07 Nov 2023 10:41:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1699353662599.4
  • https://d.agkn.com/pixel/6644/?che=1699353663934&sk=212530604693005262141
43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/6644/?che=1699353663934&sk=212530604693005262141
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
2600:9000:24f3:8200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
via
1.1 e14296585c8339d0a32f7c1d34fc00f2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
S4JBknUVtr41CIS2wsXeVfcJ7-g-WN04JC-2QnvEhPomczidhu_R7Q==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 6b8cdd1ce925ccd88cc918dd35811d06.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1699353663934&sk=212530604693005262141
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
3LdBaBCqXXRMlrXyjlBiLMsm7ueFRiug5FeUwtekicoaSgMgFfw3_Q==
expires
0
dpx
i.simpli.fi/ 		95 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1699353662599.5&ref=
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
server
openresty
content-type
image/png; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
95
x-request-id
F5VRJ2CzGrSLfhvnlYLB
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
ps.eyeota.net/ 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1699353662599.6
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
480429.gif
idsync.rlcdn.com/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_pr...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477420440505142&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353664.0634372
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEI7G-JY_oi7V9kOrp3NH53w&google_cver=1
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEI7G-JY_oi7V9kOrp3NH53w&action=GET_ID&etid=&domid=1052
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3119322924083082920&opid=apx&ops=&utidl=tech:goo:CAESEI7G-JY_oi7V9kOrp3NH53w&action=GET_ID&etid=&domid=1052
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A53045019378
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A53045019378
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A53045019378
date
Tue, 07 Nov 2023 10:41:05 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-length
0
bk_sync.xgi
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662618.2
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023110710410400017298794034&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
23.219.12.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-12-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 10:41:04 GMT
pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=AK4mvQOr99O9WDok
date
Tue, 07 Nov 2023 10:41:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1699353662618.3
  • https://d.agkn.com/pixel/6644/?che=1699353663971&sk=214340604693005261028
43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/6644/?che=1699353663971&sk=214340604693005261028
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
2600:9000:24f3:8200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 e14296585c8339d0a32f7c1d34fc00f2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
r22p5bAIsQC41ZKsrhWHeEx0bKjRH5A5D27JVhFtWpuj_t8tBaqQ9A==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 6b8cdd1ce925ccd88cc918dd35811d06.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1699353663971&sk=214340604693005261028
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
jElI_yrW-i-YV_NrAdOLkM8vQs3PTQMvqorM0St1p9d9wqk9WI1ObA==
expires
0
pixel
ps.eyeota.net/ 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1699353662618.4
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:04 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
dispatch.fcgi
wam.solution.weborama.fr/fcgi-bin/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWVKFD4gTd3IBYgaAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2F18qcq1.buzz%2F&us_pr...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7bc-a9d3271...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968907271881008915&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc8b7c5f-6c1e-4c1d-a7b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084%3A1699353663.7694445&_=1699353664.0941865
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=124835&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
0
0
googlegdn_sync
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=wu%21&33random=1699353662618.6
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyMzExMDcxMDQxMDMwMDAxMDgwOTA4ODY0NQ%3D%3D
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBus7u6uXOn78HIWFxz4qWs&google_cver=1
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBus7u6uXOn78HIWFxz4qWs&google_cver=1
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
23.219.12.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-12-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://18qcq1.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 10:41:04 GMT
pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBus7u6uXOn78HIWFxz4qWs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t_.htm
t.sharethis.com/a/ Frame 595C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.872590761883441&stid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://18qcq1.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 07 Nov 2023 10:41:02 GMT
Expires
Tue, 14 Nov 2023 10:41:02 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.js
t.sharethis.com/1.1258.23363/a/US/ Frame C2BF 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ff9e191df831efb966ff2d3cee87f2a51f1256c9bf0eeb0ef8b52262532f36d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8732
Expires
Tue, 14 Nov 2023 10:41:02 GMT
t_.js
t.sharethis.com/1.1258.23363/a/US/ Frame D7A6 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ff9e191df831efb966ff2d3cee87f2a51f1256c9bf0eeb0ef8b52262532f36d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8732
Expires
Tue, 14 Nov 2023 10:41:02 GMT
t_.js
t.sharethis.com/1.1258.23363/a/US/ Frame 56DC 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ff9e191df831efb966ff2d3cee87f2a51f1256c9bf0eeb0ef8b52262532f36d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8732
Expires
Tue, 14 Nov 2023 10:41:02 GMT
test_oracle
pd.sharethis.com/pd/ Frame 3FEE 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.223.148 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-223-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9f173cbb2ce5c8b3ca86cf7e7d26e28ca5c968e8a01e1f68eff2b4709580f346
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
generic
match.adsrvr.org/track/cmf/ Frame C2BF 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame C2BF
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhFQUEyVktGRDRBQUFBSUlrZGdBdz09EAAaDQi_qKiqBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJtJESRm7czpmFTnAVuQRE8&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJtJESRm7czpmFTnAVuQRE8&google_cver=1
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:41:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJtJESRm7czpmFTnAVuQRE8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ps.eyeota.net/ Frame C2BF 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame C2BF
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3639766616102142000
  • https://ml314.com/csync.ashx?fp=2832b07c13c254e7f8d5bde206528b3db137ebdc15f203bcc1b46a4c6b658054f4cb09cee1a4f8eb&person_id=3639766616102142000&eid=50082
43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=2832b07c13c254e7f8d5bde206528b3db137ebdc15f203bcc1b46a4c6b658054f4cb09cee1a4f8eb&person_id=3639766616102142000&eid=50082
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Wed, 08 Nov 2023 10:41:03 GMT
date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Tue, 07 Nov 2023 10:41:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=2832b07c13c254e7f8d5bde206528b3db137ebdc15f203bcc1b46a4c6b658054f4cb09cee1a4f8eb&person_id=3639766616102142000&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame C2BF
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZHEAA2VKFD4AAAAIIkdgAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Server
18.220.85.235 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-85-235.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHEAA2VKFD4AAAAIIkdgAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Tue, 07 Nov 2023 10:41:03 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame E567 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 19:10:11 GMT
content-encoding
gzip
via
1.1 9b00405a1ff669043791884b75822050.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:51:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
55853
etag
W/"b054dbc49b30695b40107158fb25e846"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
YBBUn8Fh5idMNWQUHQHd835H9guOEL7wWp29cpa8vT3q2AguQaYBpQ==
t_.js
t.sharethis.com/1.1258.23363/a/US/ Frame F6C9 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1258.23363/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ff9e191df831efb966ff2d3cee87f2a51f1256c9bf0eeb0ef8b52262532f36d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 10:41:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8732
Expires
Tue, 14 Nov 2023 10:41:03 GMT
a.gif
t.sharethis.com/d/ Frame D7A6 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHEAA2VKFD4AAAAIIkdgAw%253D%253D&tt=t.dhj&dhjLcy=1699353662618&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1258.23363&ell=d&cck=__stid&dmn=18qcq1.buzz&pn=%2F&qs=na&rdn=18qcq1.buzz&rpn=%2F&rqs=na&cc=US&cont=NA&evid=OkxXpuYA9feLUKNwwoCc&urls=&rnd=1699353663760&cid=c010&version=1.1258.23363&cc=US&cont=NA&cls=C&repeat=0&htmLcy=1032
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 10:41:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 07 Nov 2023 10:41:03 GMT
a.gif
t.sharethis.com/d/ Frame 56DC 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHEAA2VKFD4AAAAIIkdgAw%253D%253D&tt=t.dhj&dhjLcy=1699353662616&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1258.23363&ell=d&cck=__stid&dmn=18qcq1.buzz&pn=%2F&qs=na&rdn=18qcq1.buzz&rpn=%2F&rqs=na&cc=US&cont=NA&evid=SkxXpuYAgNNqOOm0RMtm&urls=&rnd=1699353663763&cid=c010&version=1.1258.23363&cc=US&cont=NA&cls=C&repeat=0&htmLcy=1026
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 10:41:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 07 Nov 2023 10:41:03 GMT
bk-coretag.js
tags.bkrtx.com/js/ Frame 3FEE 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.217.184 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-217-184.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 07 Nov 2023 10:41:03 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Tue, 14 Nov 2023 10:41:03 GMT
a.gif
t.sharethis.com/d/ Frame F6C9 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHEAA2VKFD4AAAAIIkdgAw%253D%253D&tt=t.dhj&dhjLcy=1699353662656&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1258.23363&ell=d&cck=__stid&dmn=18qcq1.buzz&pn=%2F&qs=na&rdn=18qcq1.buzz&rpn=%2F&rqs=na&cc=US&cont=NA&evid=ilxXpuYAyyI3KG-blOdC&urls=&rnd=1699353663844&cid=c010&version=1.1258.23363&cc=US&cont=NA&cls=C&repeat=0&htmLcy=88&bcnLcy=55
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 10:41:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 07 Nov 2023 10:41:03 GMT
map
bcp.crwdcntrl.net/6/ Frame E567 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.38.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-38-30.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cae7d261e0a8ed323ae1e37496163314d95021976be1165ac9ddb63cb2bc41f2

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 10:41:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.40.11.79
access-control-allow-credentials
true
content-length
60
expires
0
2981
tags.bluekai.com/site/ Frame CDCD
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHEAA2VKFD4AAAAIIkdgAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=dUk3bXYrb1E5OVlTYzZvaw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHIzjB2Q9OQJCDGnbvQimsk&google_cver=1
62 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHIzjB2Q9OQJCDGnbvQimsk&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.12.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-12-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Tue, 07 Nov 2023 10:41:04 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 10:41:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHIzjB2Q9OQJCDGnbvQimsk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
a.gif
t.sharethis.com/d/ Frame C2BF 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHEAA2VKFD4AAAAIIkdgAw%253D%253D&tt=t.dhj&dhjLcy=1699353662611&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1258.23363&ell=d&cck=__stid&dmn=18qcq1.buzz&pn=%2F&qs=na&rdn=18qcq1.buzz&rpn=%2F&rqs=na&cc=US&cont=NA&evid=ejxXpuYA7QIpjQSW9GRC&urls=!1!177!b-13j,!1!499!b-13l,!0!156!b-14s,!1!0!b-14t,!1!277!b-150,!1!403!b-16f&rnd=1699353666725&cid=c010&version=1.1258.23363&cc=US&cont=NA&cls=C&repeat=0&htmLcy=72&bcnLcy=58
Requested by
Host: 18qcq1.buzz
URL: https://18qcq1.buzz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.145.135 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-145-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 10:41:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 07 Nov 2023 10:41:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
appsdk.xn--15q617acha879f.com
URL
https://appsdk.xn--15q617acha879f.com/o.js
Domain
wam.solution.weborama.fr
URL
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=124835&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| $ function| jQuery object| maccms string| base64EncodeChars object| base64DecodeChars function| base64encode function| base64decode function| utf16to8 function| utf8to16 object| MAC string| percent number| linkCount string| linkStr object| linkStrArray object| jQuery19104949536282071747 object| layer function| favs function| artfavs function| actorfavs function| topicfavs object| _paq object| _Hasync object| adbyunion function| chfh function| chfh2 string| _HST_cntval object| Histats object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| _HistatsCounterGraphics_0_setValues object| a object| cv object| Tynt object| _dtspv object| _33Across function| __uspapi object| __connect number| char

70 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/an Name: oo
Value: 1
18qcq1.buzz/ Name: kt_tcookie
Value: 1
18qcq1.buzz/ Name: HstCfa4776751
Value: 1699353661525
18qcq1.buzz/ Name: HstCmu4776751
Value: 1699353661525
18qcq1.buzz/ Name: HstCnv4776751
Value: 1
18qcq1.buzz/ Name: HstCns4776751
Value: 1
18qcq1.buzz/ Name: HstCla4776751
Value: 1699353661528
18qcq1.buzz/ Name: HstPn4776751
Value: 2
18qcq1.buzz/ Name: HstPt4776751
Value: 2
18qcq1.buzz/ Name: _pk_id.22.51f3
Value: f3fd156b684b5633.1699353662.
18qcq1.buzz/ Name: _pk_ses.22.51f3
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1699353661
.dtscout.com/ Name: l
Value: 51A01699353661C9CDCDC5F7CD95A335
.sharethis.com/ Name: __stid
Value: ZHEAA2VKFD4AAAAIIkdgAw==
.sharethis.com/ Name: __stidv
Value: 2
.18qcq1.buzz/ Name: __dtsu
Value: 51A01699353661C9CDCDC5F7CD95A335
.tynt.com/ Name: uid
Value: CoIKSWVKFD4gTd3IBYgaAg==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1699353662561%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1699353662561%7D%2C%7B%22p%22%3A%2204b37b1668%22%2C%22f%22%3A2%2C%22ts%22%3A1699353662618%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A2%2C%22ts%22%3A1699353662618%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1699353662561%7D%2C%7B%22p%22%3A%22cb5617b0e3%22%2C%22f%22%3A1%2C%22ts%22%3A1699353662618%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1699353662561%7D%2C%7B%22p%22%3A%22179d15a463%22%2C%22f%22%3A3%2C%22ts%22%3A1699353662618%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1699353662561%7D%5D
.tapad.com/ Name: TapAd_TS
Value: 1699353662714
.tapad.com/ Name: TapAd_DID
Value: ef1055ed-0087-4bb8-a2c8-43cff488ba67
.onaudience.com/ Name: cookie
Value: 5d6b09f04200079c
.onaudience.com/ Name: done_redirects147
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.linkedin.com/ Name: li_sugr
Value: f256ea2a-2433-4b08-88d0-cad74856f201
.linkedin.com/ Name: bcookie
Value: "v=2&0b45f01c-0c6b-4633-85e0-7d7dab0a482b"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3038:u=1:x=1:i=1699353662:t=1699440062:v=2:sig=AQHIklFd44A_jCefQHPEchm1sNd3hwth"
.dtscdn.com/ Name: uid
Value: 51A01699353661C9CDCDC5F7CD95A335
.go.affec.tv/ Name: ck
Value: 654a143f78685e0001979940
.go.affec.tv/ Name: oo
Value: 1
.33across.com/ Name: 33x_ps
Value: u%3D212335593757218%3As1%3D1699353663744%3Ats%3D1699353663744
.rezync.com/ Name: zync-uuid
Value: fc8b7c5f-6c1e-4c1d-a7bc-a9d3271eb084:1699353663.7694445
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 4_0_1699353663724
.ml314.com/ Name: pi
Value: 3639766616102142000
.eyeota.net/ Name: SERVERID
Value: 22263~DM
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: 4tL99eXDuZUrTLT3
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_sr
Value: 20231107
.dlx.addthis.com/ Name: na_srp
Value: 3261
.simpli.fi/ Name: suid
Value: 48B30E302C8E42A79D88293FA58276D2
.media6degrees.com/ Name: clid
Value: 2s3r1of011705q52f0c1wna2000000018n011901b01
.media6degrees.com/ Name: acs
Value: 012020k1s3r1ofxzt10
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY5OTM1MzY2NCwiaWQiOiI0Mzk4MTMyNTE4ODE5MDQ0MDgzIiwibHMiOjE2OTkzNTM2NjR9LCJ0dCI6eyJkdCI6MTY5OTM1MzY2MywiaWQiOiJDb0lLU1dWS0ZENGdUZDNJQllnYUFnPT0iLCJscyI6MTY5OTM1MzY2M30sInYiOjB9|1699353664|4ae7b989cd9134b7073c19462d197ea986965e05
.adnxs.com/ Name: uuid2
Value: 3119322924083082920
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByRXAIAgFwEvaIU9kE7uRrxaSyjPzPXExKmCXHHxIwZtWFGjllh58qg2d7Jli4i5veKqq_WL1joA6AAAA
.doubleclick.net/ Name: IDE
Value: AHWqTUkhdpWmRVJqE07_umrotee3nBR-5yljALVRo6OW4Phube9PxXdEO3_51l_yD9c
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2HaLsaU#c!@wnf-Te9(>wL5L!!'O]$iSJ4
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.agkn.com/ Name: u
Value: C|0CAAAAAAALNzQwAAAAAAAAQEWAAAAAA
.agkn.com/ Name: ab
Value: 0001%3AE8XKtnaP2Z3iInv%2BAqLm11bU6Ga%2BG23d
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3tLAwNDCwsDQ0FeIz1HUxcAv1Ky9wTM8MygcAWWhd9yQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IuxWAIAwAwAmsmCM8Y37EbUiAgSwtndTOwvLuKrayhaUs0MQJnDigWyR0H3QYztgbn6juJKRK1dSZWe6yfcno9vz8AmMPCTZaAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3tLAwNDCwsDQ0FeIz1HUxcAv1Ky9wTM8MygcAWWhd9yQAAAA
.addthis.com/ Name: na_id
Value: 2023110710410300010809088645
.addthis.com/ Name: uid
Value: 654a143f9696e642
.addthis.com/ Name: ouid
Value: 654a143f00019c68091f8cfd53d69d2bbd879874404e77e66840
live.rezync.com/ Name: sd-session-id
Value: .eJwNjEkOwjAMAP_ic4Nistn5TJXFlSJoQE25UPF3chxpZi5Y33LsqUs_IZ7HRxYozzZpQLxgtO8uD4jAnliHe0Ai1JoYHfwWGDJGe_W11alshXIoblO-oChbsKoUclGJq5mhZE02omc2znhvbsGztXZ-_rqYJkQ.ZUoUQA.TMEK-hr8CEpJCI-7HwPiQ0Vyywo
.dlx.addthis.com/ Name: na_sc_x
Value: 2
.rlcdn.com/ Name: pxrc
Value: CL+oqKoGEgUI204QABIGCLrqARABEgYIr+sBEAE=
.weborama.fr/ Name: AFFICHE_W
Value: 8VzETjYAh9jx59
.mediarithmics.com/ Name: mics_vid
Value: 53045019378
.mediarithmics.com/ Name: mics_uaid
Value: web:1:70c449a0-751f-42eb-a42c-3153f42d497b
.mediarithmics.com/ Name: mics_lts
Value: 1699353665229
.rlcdn.com/ Name: rlas3
Value: Zb0fpvss7x+ByJfCmPCigUh5ZAwibPrWnFOvwJffpTk=
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 55

2 Console Messages

Source Level URL
Text
network error URL: https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01699353661C9CDCDC5F7CD95A335
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212336650252233
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18qcq1.buzz
aa.agkn.com
appsdk.xn--15q617acha879f.com
bcp.crwdcntrl.net
cdn-tc.33across.com
cdn.tynt.com
cm.g.doubleclick.net
cookie-matching.mediarithmics.com
d.agkn.com
de.tynt.com
dp1.33across.com
dp2.33across.com
e.dlx.addthis.com
e.dtscout.com
feimian.slsltutu.com
fnsn79.top
get.s-onetag.com
i.simpli.fi
ib.adnxs.com
ic.tynt.com
idpix.media6degrees.com
idsync.rlcdn.com
live.rezync.com
map.go.affec.tv
match.adsrvr.org
ml314.com
onetag-geo.s-onetag.com
p.rfihub.com
pd.sharethis.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.ads.linkedin.com
s10.histats.com
s4.histats.com
secure.adnxs.com
stags.bluekai.com
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
wam.solution.weborama.fr
www.wjnyapp.skin
x.dlx.addthis.com
appsdk.xn--15q617acha879f.com
wam.solution.weborama.fr
104.18.35.167
13.249.39.110
141.94.171.212
142.251.16.156
149.56.240.131
172.64.153.173
18.160.10.41
18.160.46.85
18.220.85.235
18.67.76.48
199.38.167.130
23.12.145.135
23.219.12.236
23.54.217.184
2600:9000:24f3:8200:19:fc2c:a140:93a1
2606:4700:10::6814:81f
2606:4700:10::ac43:8ab
2606:4700:20::681a:d3c
2606:4700:21::8d65:780b
2606:4700:3031::ac43:bdec
2606:4700:3033::6815:4264
2606:4700:3036::ac43:a2f1
2606:4700:4400::ac40:97ee
2620:1ec:21::14
3.16.223.148
3.230.62.22
34.111.113.62
34.117.77.79
34.239.38.30
34.86.70.109
35.190.60.146
44.197.9.244
52.223.40.198
52.85.151.7
54.36.150.182
67.202.105.22
67.202.105.24
67.202.105.33
68.67.179.87
00487734495dbe4b2ba7320ce49183e8581d1c3729aa08c9a1daa1adc394b05f
0108cf57a5359cdecc80699650b912a11731d0aeaec300d884a9d658ed96b295
0216418434db22f90d63f396fa935ca96cf63e081816c8920cab60005f06b950
02a6999b33a9d28c8392563189d88ea962899cdd09caa78896df298c4598ab05
037ac84f6ab866c163970940e4937114926275b0717de5cb0343eee2ec0a8875
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c4348f9abb00683f322c8eebea774789dc5baa6f83706f19e269149f03699e1
13f0dcd080e53f24dd41db407b725e87d936da21ef2babd0fd4b546b6abe8bf2
14176ccce205f8d93c4e4a5ac9d5616eb7e7e98db90168b69854e4494946ed7c
14ab1ca7dbc14f62d3e649fd7e39589d8834ffee956a7f3d9de2d054846de9ea
14c8220302933a43fb19a6f06bfa57f3db6cbfa1eee6ec90ef85f2958c45aacd
1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311
1b9137651eb025430c3507564ab18d199e1df704a123f673579a7795cbc19a50
1c40e8031b58141018538a222c3e39399e78b2bc66d2a8be23b9ecd4f527f3e8
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
1ddd91d2d8d2b28c38c1eee5dcac04119d41cbe8994b0c3d7665a2eb1c51fecb
1f17039655bbf2a1d404a67c49127ae30756c179a7f411f12dca5a8e7ba7bd2e
21d2d99a8ec9a0fee6465377b1b3d92b598c22d3cf57f43ac6d7fbba50d8d656
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2674595ece6d29bba3197719873b35d8e2893e9eb3a0271bad0ea717e9b3d405
276dd1cdfa3ddb0e93ea65e4de37dc26e4133797fb14fa78849ca70d68f3e1df
295af394fac5c65a74597ce333328a2f8e4a20069d49b037ef74c4000f0874d2
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
338d7f35ac3e99b9fae6f1bda878ea46d02ac89d90c110889181cf413231bb5c
38c951ad388a453b12540db7ad8b18fc3b2046a08b66df2b34165e20775d3be4
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d7c3cabe9d67ea1f1b53ae72629e9dbfae2c39042d6c1adc7a56a125190c5b
425d372553715d4670dcbb59674b4a09a56c61b5f5071ec189f21f284875fbd1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c719f88b144ed9489dd30ffcde5c7543b8a49026a87bd7bb5e4cdd9ecd9b244
4e0776611e254bbf56cb7b3a235766af24dd8ba596976a3ccfa12764b8ea690b
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58048e62ca1e49fbdca38e0367564f701a807b8e26e88cd7414b0f8840bdd773
587a21383e237984e2eafb93c3db42e9bdaff178b16987dcb2205dbc6e60c814
58da8aba46f35759ce60d691deeebfab532f42c93c3f9c67c062afc371319c3e
5c556509f6fe7cbd41467c8f401ca3607725815aa0fbda4a966104242ab7dfbf
5e2da28b8cbf66dd24da22088c217e3eca6c1c9aa3df24860f08486423eab008
61195f31f47c25797905f46e03f14da7372ec71141fdfd18974c2526ffee77be
655d19500ac8384ab21e0eadcfb2510efa791a1e26f96b74044e0155c7fcdc36
69d77c01823b80be5ef5e5ac9a74cf0fcd2ebfe33f70be009e3ed22393c39899
6b442892c5b94c6abfbbad22dd3a5a44bb2695b96fb7559de75e6cdf501cf32e
6b48ec47c2c0cd7aea1f6aee26b9b72268a4f0ac49dfb986a5f363876bc8ff31
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7451bcb85fe350b4af3a5a5587e53a14fe6cef9f9739a16fb53ee8d22e8fe1c2
75e8c4ad40475521846faeaa9ce2da84a2d701629035237c611ee389e5e92787
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a
7c2d66cf9c0890fb658c33803d422bed108a5437e9a7491a265efdfb3da1caaa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86cf087398dd3b828fb6e85704678f25b4fe90279b86f92d24c1affab71aca84
86e22c4cc5ac7a4fbd60bc46a29f1ca9d2d0fda5674a888e4ff0861481bc809c
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8cf4354910cdf4ec054ff186fa1450cc062d72d3232cc847b8702083953a4b32
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff9e191df831efb966ff2d3cee87f2a51f1256c9bf0eeb0ef8b52262532f36d
91bc429d2263c6eee103a022eafb547295f08b9c7bafdbd20769c65246a7e1b7
91f06f35f299c18e63feb7f48a8a15187a6a046aa9c0c7990263812d92c8acb1
93b1ad51b407f3b6f7a2e6e11b2eaa439e8d97e1f5b636242ff0f0ef0d21e27f
98a982ac738d440fab44db00a9ec58128dbc54cf068812751044085abb78e53c
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9caa30c9589ed1cc882ecd3964831e22607ddba966a795de1c53c0e66f45aba0
9d966ef9f526d6c3ffc9f8ea780fb2c83b48f5d867ef1c544b8aa18e3638a6ef
9f173cbb2ce5c8b3ca86cf7e7d26e28ca5c968e8a01e1f68eff2b4709580f346
9f81074a4204b7d7b208fa45a4354d0af713ad783e5c9607fc254da54ff6d14d
a4873887b3cf5fd4ef2d607a69de5288252384047e97cbb69bcd83876041d40a
a540f482305b2196f6e0a0e77a35bd19cd33b5d049c104ee34531e8ec4394896
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f943ec6d6456f73b0d90bfb85382ec02bc7922eb048127027eb0c828f24136
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b9a79b10778abea396c4c8641cf8a7f8d1ad4e2dee3060a487abce6be9469313
bc8e75f01fc474f00e295dfca534f09a305ad3ac1a27b28378bcff8fd735db94
be8c1048d5d0d5f6fe7f0074298cad44b028d8f4a805109fe4927c11cb2cc86f
c0879ba25f70e7b929cdfadc5143b23ede486ebc83951af1ea81c3ffa34ff080
c2b12d47bf680cedd373721c518f0f5380e5e32c414d7138fc55b5bf5d488d8b
c520a5a400b6b68f5760b98d480e9468a52969423e64157d83f8f87a48f6fe75
c9798c13bc762bfe6296f63f29eeb874fe4433467317af715a89362a8aa6fd8d
cae7d261e0a8ed323ae1e37496163314d95021976be1165ac9ddb63cb2bc41f2
cd2835bec13ba8e1426bbf51d0f23c56cd1b1ed9ebf4345895c4698a038a320c
cd92e580d9592eb65f558bf8429921296ae44d40abcad3766144c14a8638bd53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1125d968e40b5a16077801d01a714da16bef37b38097239672d1f3dc4ab94a2
d61c443d8cefb71d153719a196a00e783ababfdfbf9cf2311305efd2a77fc459
daf6ba41eb48c2968f3467e6ac8015034400f26e25b55290e93274931e41dbb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dc02f222d776ef6bb9c8e214f3aaa63c33518d85737f00257f91b00da5f43f
ff87e5b79f44ef4e2fabd85150bd57c11afeed2a21ea0950158eca768587efe4
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d