offer.kingarnerstore.com Open in urlscan Pro
104.21.87.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net/ctiqedsyo0ubymaz58yl2egc/1.html#qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkacca...
Effective URL:
https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFID...
Submission: On December 30 via api (December 30th 2024, 3:54:18 am UTC) from BE — Scanned from IL

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 58 HTTP transactions. The main IP is 104.21.87.163, located in and belongs to CLOUDFLARENET, US. The main domain is offer.kingarnerstore.com.
TLS certificate: Issued by WE1 on November 15th 2024. Valid for: 3 months.

This is the only time offer.kingarnerstore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	20.209.227.97 20.209.227.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	208.67.248.46 208.67.248.46	40395 (VIRTBIZ-D...) (VIRTBIZ-DALLAS)
1 2	172.232.11.9 172.232.11.9	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
49	104.21.87.163 104.21.87.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	104.21.16.1 104.21.16.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
58	10

1 20.209.227.97 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.67.248.46 (United States) 1 redirects

ASN40395 (VIRTBIZ-DALLAS, US)
PTR: biblechristians.net

208.67.248.46	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.232.11.9 (Chicago, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-232-11-9.ip.linodeusercontent.com

www.marikano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 104.21.87.163 (None, )

ASN13335 (CLOUDFLARENET, US)

offer.kingarnerstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	kingarnerstore.com offer.kingarnerstore.com	1 MB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	551 B
2	marikano.com 1 redirects www.marikano.com	962 B
1	cdnstat.net cdnstat.net — Cisco Umbrella Rank: 553921	882 B
1	google.co.il www.google.co.il — Cisco Umbrella Rank: 35336	408 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 142
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	23 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	windows.net ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net	555 B
58	9

	Domain	Requested by
49	offer.kingarnerstore.com	www.marikano.com offer.kingarnerstore.com
2	www.marikano.com	1 redirects ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net
1	cdnstat.net	offer.kingarnerstore.com
1	www.google.co.il	offer.kingarnerstore.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	cdn.jsdelivr.net	offer.kingarnerstore.com
1	www.googletagmanager.com	offer.kingarnerstore.com
1	ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net
58	10

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-23` - `2025-04-21`	6 months	crt.sh
www.marikano.com R10	`2024-11-15` - `2025-02-13`	3 months	crt.sh
kingarnerstore.com WE1	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.co.il WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdnstat.net WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst
Frame ID: 1F77CE445732943039AEACDBDF677916
Requests: 57 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-LRKY75Q8Z8&gacid=1097191099.1735530854&gtm=45je4cc1v9180574355za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=394697663
Frame ID: 295F272CDDA6A9ED4A1ECE37D23584BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Skylink

Page URL History Show full URLs

https://ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net/ctiqedsyo0ubymaz58yl2egc/1.html Page URL
http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaeje... HTTP 307
https://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaeje... HTTP 307
http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaeje... HTTP 302
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVz... HTTP 302
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVz... Page URL
https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_1... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

math.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

math(?:\.min)?\.js

Page Statistics

58
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

1387 kB
Transfer

5788 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net/ctiqedsyo0ubymaz58yl2egc/1.html Page URL
http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc HTTP 307
https://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc HTTP 307
http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc HTTP 302
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25 HTTP 302
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25&cenhp1=1 Page URL
https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc HTTP 307
https://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc HTTP 307
http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc HTTP 302
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25 HTTP 302
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25&cenhp1=1

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 1.html
ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net/ctiqedsyo0ubymaz58yl2egc/ 152 B
555 B 844ms
209ms Document
text/html 20.209.227.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net/ctiqedsyo0ubymaz58yl2egc/1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.227.97 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Length: 152
Content-MD5: uUX+93SMRrVIrJrkVXvaqQ==
Content-Type: text/html
Date: Mon, 30 Dec 2024 03:54:04 GMT
ETag: 0x8DD239BE17ADD2A
Last-Modified: Mon, 23 Dec 2024 21:50:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 68349e89-301e-0049-6c6e-5ae83e000000
x-ms-version: 2009-09-19

GET
H/1.1

200
OK

r.php
www.marikano.com/rd/
Redirect Chain

http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc
https://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc
http://208.67.248.46/qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25
https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25&cenhp1=1

257 B
578 B

455ms
454ms

Document
text/html

172.232.11.9
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25&cenhp1=1
Requested by: Host: ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net
URL: https://ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net/ctiqedsyo0ubymaz58yl2egc/1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.232.11.9 Chicago, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-232-11-9.ip.linodeusercontent.com
Software: nginx/1.12.2 /
Resource Hash

Request headers

Referer: https://ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net/ctiqedsyo0ubymaz58yl2egc/1.html#qs=r-aggibafgffbifbgagibdfekacikbjjibagekkgagekkgababadgadhkaccaffiadekiaejechiadcc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Dec 2024 03:54:10 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Dec 2024 03:54:10 GMT
Location: https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25&cenhp1=1
Server: nginx/1.12.2
Transfer-Encoding: chunked

GET
H2 200 Primary Request / Show response
offer.kingarnerstore.com/skylink/get-skylink/ 68 KB
14 KB 1644ms
1470ms Document
text/html 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Requested by

Host: www.marikano.com
URL: https://www.marikano.com/rd/r.php?sid=719&pub=700005&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=25&cenhp1=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089b70532f408b90cdd81e632331bc9a9b327c86ff9d584faec84def160203e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.marikano.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f9f164b4891c22e-TLV
content-encoding: zstd
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
content-type: text/html; charset=UTF-8
date: Mon, 30 Dec 2024 03:54:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdPtUO923fRiLR8sLbDWb6Z%2Fmiq0oAhHqYEbA0zzP2JjUACE%2BcgAyKfiJa66f9t8ez2hzbexY23dnTJj1IbFl8PyAL8rHe9jrx292RFTiWkH3jYkaAmwbeZXt6zOCcUl1riFdXj%2BQ6RJZbA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=3739&min_rtt=3725&rtt_var=799&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3998&recv_bytes=2439&delivery_rate=1026840&cwnd=253&unsent_bytes=0&cid=da10df49db5bcab2&ts=1476&x=0"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 get-style.css
offer.kingarnerstore.com/assets/css/skylink/ 36 KB
7 KB 263ms
261ms Stylesheet
text/css 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3ddd6fdc587a6f485a34cf318c4a11db8e82865443e0978ab98fe77bff7aa98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ec02e2-91e5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5KffjV1a6wHMT9v%2BjAO%2Bsbs%2Ftbj%2FHOWfPnYFS46ON2kWOy2qRG4u89TL9030DHcHsHiy8faQzvVrsNj7fz%2BUKT1%2BmyRzLNRG4X5YPRi0t%2F%2FR%2BykyLlqqzyJ%2B11CH0FELFrIm1gnQsPsa3w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3770&min_rtt=3720&rtt_var=101&sent=33&recv=26&lost=0&retrans=0&sent_bytes=20091&recv_bytes=3659&delivery_rate=3332724&cwnd=256&unsent_bytes=0&cid=da10df49db5bcab2&ts=1763&x=0"
date: Mon, 30 Dec 2024 03:54:12 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1654acb2c22e-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 slick.css
offer.kingarnerstore.com/assets/css/skylink/ 3 KB
1 KB 236ms
235ms Stylesheet
text/css 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/css/skylink/slick.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bff4b48cd24e617e2c1f560b5c2a497e36404486ad944d278553b0cf53c45964

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ec02e2-b00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EiLgOhnkFY4Uz7s%2F0KQhvPCFp%2B3aANbbBKyTul4Ihc3TtsONsyCKlRzhqvzuULLILP2YAeHa2ceaKHyZoephshu6rwBuU1cgwEifAKsOJxXRXLtSnC5Y%2BW11%2FndDOuNTZqE7b%2FRdlZF6AY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3792&min_rtt=3725&rtt_var=163&sent=30&recv=23&lost=0&retrans=0&sent_bytes=18583&recv_bytes=3659&delivery_rate=3332724&cwnd=256&unsent_bytes=0&cid=da10df49db5bcab2&ts=1738&x=0"
date: Mon, 30 Dec 2024 03:54:12 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1654acb3c22e-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 styles.min.css
offer.kingarnerstore.com/assets/css/skylink/ 12 KB
3 KB 514ms
513ms Stylesheet
text/css 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/css/skylink/styles.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4117f96a12b22ed10975f18fb11c291635a0a92f5f0121641ea188e5858c4b14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ec02e2-2f48"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoEId7hCtRest49grH7SIeAPVMQ8kUeml01P3IjM0sk%2Bc4rx8RnK3FnFKyQHgW9ajwVF2UPNn8Q92xeir9PqTWC9wgXAzfYhH%2FPQZX7KFOQ2Wavq4axw9GHcsByJ%2B%2F3ifozlIh6zmBlfjSI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3760&min_rtt=3720&rtt_var=47&sent=41&recv=30&lost=0&retrans=0&sent_bytes=27040&recv_bytes=3659&delivery_rate=3332724&cwnd=256&unsent_bytes=0&cid=da10df49db5bcab2&ts=2015&x=0"
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1654acb4c22e-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
108 KB 428ms
145ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LRKY75Q8Z8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5f117747a4b249cd2df7962c6b40bcbc42f75c4b748f0a9628409ad87b0b7784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 30 Dec 2024 03:54:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110060
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 logo.png
offer.kingarnerstore.com/assets/images/skylink/ 8 KB
9 KB 546ms
545ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b71b19f4323705db98ebbc3e84e9affdd0b4f1b4de0879122c42c5036c9d8d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-2110"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIy1SyE93%2FRpFO59HIzb2Yh2gRItVC0ZL9E3kGlLQDwAEO9s3GSzGJYElsVIJzTNscth1%2F5BDSy4Y7%2F3SgYLWRJY2BXh%2FbKWhDFyCF1p9DbOtqmxTHmjX37WvXeOjDxgppFKfj1mQEm0icg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3747&min_rtt=3707&rtt_var=36&sent=46&recv=33&lost=0&retrans=0&sent_bytes=30566&recv_bytes=3659&delivery_rate=3332724&cwnd=256&unsent_bytes=0&cid=da10df49db5bcab2&ts=2046&x=0"
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1654acb5c22e-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 8464
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bnr-prod.png
offer.kingarnerstore.com/assets/images/skylink/ 194 KB
195 KB 824ms
823ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/bnr-prod.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a792aef8f38f4e63144187017be44d18f149f228301c2b4c0dd64eee801ef40b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-30754"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9v5Bl%2F2SECOtzh11bH%2BCxb4xSVb%2BeHQyeJ80JYlm4WTc4D0JntG3UdxaQQIXRqzQT7IaOLvvPyaqyOn%2BPqpTGXFJ7KnfcPEQDSgb9KXKHM0hU44y%2B5wg5fu0J4J9ES%2B138xoTWzweWX8fw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3754&min_rtt=3707&rtt_var=20&sent=56&recv=37&lost=0&retrans=0&sent_bytes=39709&recv_bytes=3659&delivery_rate=3357664&cwnd=256&unsent_bytes=0&cid=da10df49db5bcab2&ts=2325&x=0"
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1654acb6c22e-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 198484
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bnr-star.png
offer.kingarnerstore.com/assets/images/skylink/ 4 KB
5 KB 535ms
532ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/bnr-star.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f0c50a4139626d8351a7adc02d29c3cffeadbac0a774c82a531d28644450a6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-fe1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dlDhk0h3rFNBnDMCLHWiI6wtJixa7t81P9%2BQjg27Z0V1YuNLVK9v4xMf%2FUshVrVr9FKl%2BQDuroZtrSZC55A9RL5jlaNSPGvF9kXWhwCBdpFcpfSSowcfYFufkwlI4fU46AqytXQAyzPz3mY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=76&recv=72&lost=0&retrans=0&sent_bytes=60921&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=977&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657eacc7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 4065
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bnr-t-pic.jpg
offer.kingarnerstore.com/assets/images/skylink/ 26 KB
27 KB 741ms
734ms Image
image/jpeg 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/bnr-t-pic.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a3b56c92b2ca4a908de5fd78d6d758f4ca5399de95f3f1e1afa8ae448bd96b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-6709"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQe%2FJur0khYsyCGJ3WXyxjlVfciiJK3zqiF1YvscamYiFY8EuN6J4wVBMPDSYy2aepL3KKafXBBPzLa0%2FBYbOISyqWBJ8oD%2Fy5KorZeilO4rsNcaufnhLrfajOnOjuhstREowmb4tAich4Y%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79702&min_rtt=75397&rtt_var=2783&sent=235&recv=95&lost=0&retrans=0&sent_bytes=227841&recv_bytes=46788&delivery_rate=437852&cwnd=96000&unsent_bytes=0&cid=ae4942760128edb8&ts=1155&x=1", cfExtPri, cfHdrFlush;dur=28
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657facf7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 26377
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bnr-t-star.png
offer.kingarnerstore.com/assets/images/skylink/ 5 KB
6 KB 517ms
508ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/bnr-t-star.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72625c31df56fecf380612521c726dac48073f592f8605f24fe6a19312ca706a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-1328"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFnt1l1jvQ52F6MtzLdptboYT8noZ8zJMlN%2BXTO3gJxgP1vDLxsb72YvuODMa%2FmrG3zMmLo5PfnPjDC2YoOuG3vHXPJVSwqm1CXKp69sVUbD9Xai0c4Xg2uRqgfognWpgcCu2BccdZWKPlQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=71&recv=72&lost=0&retrans=0&sent_bytes=55052&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=959&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fad17d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 4904
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bnr-t-tk.png
offer.kingarnerstore.com/assets/images/skylink/ 2 KB
2 KB 588ms
579ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/bnr-t-tk.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f9d45f520e2c29bfe10398c31aec05e889de38ea50328c12804764cb4c671b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-699"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3c51aw838Hm2jpovYa%2FeFWnwFVWD9XwnTorAmz7S7pPhjuLFIgbAVpDHb1z2eQAlIxYK440MMxK1erv3v7oKFv0gS1sWpb9L0nqyimGOG19pugQX4AhlLq%2FjMy21iT%2FU3ALv4SYVzOurKA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=997&x=1", cfExtPri, cfHdrFlush;dur=39
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fade7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1689
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 frm-clk.png
offer.kingarnerstore.com/assets/images/skylink/ 3 KB
4 KB 588ms
579ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/frm-clk.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

827666d308a710cf777a499ca6b3da8d7ad500ccaea480a21106785541931aaf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCI%2FQ1KeA1LOF1IPZXhwlw7Mx0yM%2FcqxUrRFfCHh7MFRb79o07PilFEanpfhWg6474FFTik%2FYA7tnydEcIlvneYq2I4fGft%2BaTttSiy8z%2FbW5giQmYszFgt3Wh6Sa8uljM2tsXmPYxTBg0M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=989&x=1", cfExtPri, cfHdrFlush;dur=47
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fadf7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 2825
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 btn-arw.png
offer.kingarnerstore.com/assets/images/retrofilm/ 2 KB
3 KB 533ms
524ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/btn-arw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57d4a914179de655239d545002d8f233678e4565963ba15f2c2e35c0c0cd470

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-6ce"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBlCIwO9BoI%2BSiPDtDwpvOu6c1FkV%2FwZFahcZeQnAw%2FZdgNvD4A0nffwYQCY34r6fzEBcsiJ1LqRDb%2F7j4ltlIPbscHErJFFQ1FzQbhuLf3wUG%2BKjGG1Koha%2FjbuQETpVNjTC1FfRyrSEj4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=95&recv=72&lost=0&retrans=0&sent_bytes=79975&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=981&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae17d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1742
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 secure-img.png
offer.kingarnerstore.com/assets/images/skylink/ 24 KB
25 KB 356ms
348ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/secure-img.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f3315434fd9fb2498853b9c46d3e4760d6027adf670d3cf103061afd716b245

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-60d9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EpWWPn%2FIfLayuTnCRIgAtMJRaKBMKRpdTg%2BHVkukLKSHUFZyVt9wLOIWMaZbJKpeMOsd2tK72%2B7iBXbK2S3R1lBtWPKaPhS8NQrjr8Q4hRybYV%2B7%2FgJrY9P4mBHetn56TMYdvcSbW1I14xQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79350&min_rtt=75397&rtt_var=7606&sent=46&recv=54&lost=0&retrans=0&sent_bytes=28778&recv_bytes=44986&delivery_rate=155260&cwnd=19200&unsent_bytes=0&cid=ae4942760128edb8&ts=806&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae27d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 24793
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s1-prod.png
offer.kingarnerstore.com/assets/images/skylink/ 125 KB
126 KB 879ms
871ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s1-prod.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5e445c5d41b9a63efca05196442993819949ea8b83ea13bbc53626e5a95d59f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-1f59e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdbH5Pdm1prmeE1s4yab8Cwic7Kc%2FJWxmohGtpKv%2FWEGFtO3QrMakrWSWp9uBJ3b4smiOGRPYtY2VVV0QpLqDsnuer1LXDQ%2BPT0TsPhFzRkKgjNVn8AFfmHlmvT%2BA%2FQ6QXmhB%2BFPjMw4O3g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78710&min_rtt=75397&rtt_var=1631&sent=570&recv=117&lost=0&retrans=0&sent_bytes=616044&recv_bytes=48878&delivery_rate=1907264&cwnd=260400&unsent_bytes=0&cid=ae4942760128edb8&ts=1294&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae37d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 128414
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s1-prod-mob.png
offer.kingarnerstore.com/assets/images/skylink/ 46 KB
47 KB 815ms
808ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s1-prod-mob.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed54f81dec64848b1f603022e19a8dcedd4273f72b5cbd2697472fdb882d238

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-b8bd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8q%2FzdUOJ3nz3VHAc26cBtk9uv%2FdiI1Bi9Gg%2Fmml1JORNG0NCi14Gq9zqTeuOiCiLTHMn3IVYQOUfCglVOctUFOIJb9SHRkr3GeIdmoYzABVhqwArtkszy5VUwFrqHYPSLr%2B5SEqZ4mEl%2F2o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78255&min_rtt=75397&rtt_var=1824&sent=364&recv=105&lost=0&retrans=0&sent_bytes=377124&recv_bytes=48337&delivery_rate=1186486&cwnd=158400&unsent_bytes=0&cid=ae4942760128edb8&ts=1239&x=1", cfExtPri, cfHdrFlush;dur=12
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae47d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 47293
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 btn-arw.png
offer.kingarnerstore.com/assets/images/skylink/ 2 KB
3 KB 530ms
523ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/btn-arw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57d4a914179de655239d545002d8f233678e4565963ba15f2c2e35c0c0cd470

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-6ce"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=An6BsXtWR%2FZxADw53fZNS4hLasNbcsReAEtetKn8DgAHDUso1PFt%2BbLuaa8l6ptkMct%2FZmVh6nnYiPOGh91kEJdkw2%2FM30JQeCO0cR%2FTZv54ik%2BD4siYRCaT5MP2mtLL%2BXJtoIabPYEkE24%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=92&recv=72&lost=0&retrans=0&sent_bytes=77309&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=980&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae57d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1742
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mnybk-seal.png
offer.kingarnerstore.com/assets/images/skylink/ 36 KB
37 KB 815ms
808ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/mnybk-seal.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

210082e5868ac02baafa6910cf9b5a724a49a82d61894fc3d85bec8396adaf8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-91f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHPJpvVjUXobpLujSjLv7%2B1vJHj8B83VLqK8gkw7EJxbKgTTnaWbCOxB6%2BlSIJ5B76Qn1QuKQdSG11EvOU7nR5r4eNwX0x%2FeL8vK4bQhfWvJw2pojvcK68k%2BBp7V5IT74nNNacUSQLd%2FHcE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78255&min_rtt=75397&rtt_var=1824&sent=364&recv=105&lost=0&retrans=0&sent_bytes=377124&recv_bytes=48337&delivery_rate=1186486&cwnd=158400&unsent_bytes=0&cid=ae4942760128edb8&ts=1235&x=1", cfExtPri, cfHdrFlush;dur=31
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae67d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 37360
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 rat-star.png
offer.kingarnerstore.com/assets/images/skylink/ 5 KB
6 KB 585ms
578ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/rat-star.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4466636f99dac1f8f06798cfc25166063e284ff97efb79d6559c4d726b21b8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-1525"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lt8pSS9GAysn341vJjpntYGudtxk9N4QjFqd7zPs7wTrnJHxJ6kPCtv4FOEDm2mnAiNMJ2lB01kPVHd5uUL8S%2F0hj5DcxAv9uhvzOF19hy1V11BtftzqJCFa53RJge1T6pCSEmwt7lsPMZo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=1000&x=1", cfExtPri, cfHdrFlush;dur=36
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae77d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 5413
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s3-lstimg1.jpg
offer.kingarnerstore.com/assets/images/skylink/ 8 KB
9 KB 532ms
525ms Image
image/jpeg 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s3-lstimg1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe362c85863a7062d1f6f3e57b24c1f5ee42f021035efb2fe152172dcf10de9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-1f04"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKlKl7%2FKsAIFMvo72GMF4IgNN2tc7wUquhPPaECjAOeUwb4UvEYfTl0XKutsEQoxVAEAjVfP6hjV3IifsX%2FHX37D%2BtuNY17xcRXmUSPF3fIFWvh%2BxRLC2zO3jl7bAxPv9bdnIMKkObb5%2BME%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=98&recv=72&lost=0&retrans=0&sent_bytes=82641&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=984&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae87d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 7940
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s3-lst-star.png
offer.kingarnerstore.com/assets/images/skylink/ 5 KB
6 KB 604ms
598ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s3-lst-star.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e4a5b3854a52f8eaffa45af03fe981fc2abf3f3b725cad1b603bd468401b119

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-12f4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6lGioSBOxZwiccHQqOfqB39v6MZUqLskqhXRa2%2F746UAprBbncKs4gHtkCT4OnL8fOy9KXW7z%2BUVFEdZsFTm%2F3BNBeKeIWgKxiY0pF%2B%2BUyEe%2BpQuGdwxATSWxLeWmg%2FyiKa8vgxTmXMGrg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=992&x=1", cfExtPri, cfHdrFlush;dur=62
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fae97d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 4852
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 vry-img.png
offer.kingarnerstore.com/assets/images/skylink/ 2 KB
2 KB 603ms
597ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/vry-img.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ef23f536f31fec6897550a22d20eecbabbe9e2b7f1a563d952c885e73cc7df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-699"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgrH6yYnnjOeK9BOUCAhXy%2FZDx369O4UU53l%2Fp0T89vbEr2MxWXLiNsH%2BdV0PkOkhIwgIQb4Tu4WHKVwDc0dFPCgd4HxYMUVw2d7B3i9lCgXPxK4V%2FVv%2FmEX5NLsqe4U11pTHidsjG7cGdA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=985&x=1", cfExtPri, cfHdrFlush;dur=69
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657faea7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1689
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s3-lstimg2.jpg
offer.kingarnerstore.com/assets/images/skylink/ 9 KB
9 KB 524ms
519ms Image
image/jpeg 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s3-lstimg2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7a5027f32eb6102f2bde9d5c96d2f3b6d0872e9bb059c55e852298c0d76fbbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-2280"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yu%2FXWTrhe298Rdod3MFp6vtTib87Atbw9xo%2FCv2JZ7GIMhkCZlpaAyoGSkRJ8JSVPJ3ez4nOz4tmAs76KHXwfOrInE1RJgXH0ThBZPhnBKaWkPXXmkzZWvUU9ykzkOXaLaGd6xMzrQzf0zM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=81&recv=72&lost=0&retrans=0&sent_bytes=65953&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=978&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657faeb7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 8832
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s3-lstimg3.jpg
offer.kingarnerstore.com/assets/images/skylink/ 8 KB
9 KB 603ms
597ms Image
image/jpeg 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s3-lstimg3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d4b5b0c50d178db91f61e269cbf8b0fe09f108de787bedcfc190debf013779c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-2124"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bf%2F3Ot%2B5t8XlZAOT%2BJtuVtRsi53l0Dn%2BkWpqQVHVDfyLntq4vLYmyLYoU79I4OAybRfsmyVDRSJTCziAkYSIAk3v621QSNnL6pwZ2hdwUxc1NtuAon4e%2BVK8DaOXfsdOh70%2BM4JQZs1EdZ0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=990&x=1", cfExtPri, cfHdrFlush;dur=64
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657faec7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 8484
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s5-ship-img.png
offer.kingarnerstore.com/assets/images/skylink/ 13 KB
14 KB 273ms
268ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s5-ship-img.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3c0ebec0d6799488e77cab92792d19d154cb6b7b835dea5065556881b37e1ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-356c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JroQ5gMzH%2F2l7BQ0kRr1anB2GOSpGQgX2A4JzRWt8CKREaHCyN%2FrMGwEzD8pImsioR1BE911mJ4vA2DWeNZT%2BdeImilCeBknALwApb43g7BuXnDa05DUurSq0h7Bf81%2FdLuOkcjRo0ZGhQw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77793&min_rtt=75397&rtt_var=13596&sent=32&recv=49&lost=0&retrans=0&sent_bytes=13897&recv_bytes=44771&delivery_rate=13298&cwnd=12000&unsent_bytes=0&cid=ae4942760128edb8&ts=727&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657faed7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 13676
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s5-return-img.png
offer.kingarnerstore.com/assets/images/skylink/ 19 KB
20 KB 678ms
673ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/s5-return-img.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efd4c11f14c7ceec7016d4d2c9f0bdf2067a216c60578c0f4b723396476a940

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-4c39"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miZbulnoKqtneEs21RQQtMEuRz%2Fv8gPiSL%2FI6f8KJcrwK5ps5Wkyu8tmWaEvSVuRMd%2FUmh9twZapspnLzgj4gIcL27CMt4Fetua3w%2FEn3tXkHtIYkqmmKTe9CW0IU8D77udHm1xLbOY%2FTqU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79599&min_rtt=75397&rtt_var=2815&sent=162&recv=90&lost=0&retrans=0&sent_bytes=146209&recv_bytes=46564&delivery_rate=343438&cwnd=55200&unsent_bytes=0&cid=ae4942760128edb8&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=5
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657faee7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 19513
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 footer.png
offer.kingarnerstore.com/assets/images/skylink/ 8 KB
9 KB 606ms
601ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/footer.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b71b19f4323705db98ebbc3e84e9affdd0b4f1b4de0879122c42c5036c9d8d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-2110"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkQOhGGM%2BrpcMvQo8%2BKcbEsRJimRGWuvVRJrQcn4o2GbWyrM%2FbfQe9WuSvcOfnndNTNFgpcOX0c9860Z0sPRxX58js2%2BPafWXIvq2qgf16tu0yjOaNPw%2BcjfuquJirI3ZuPSFkhNMsACS%2FU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=1024&x=1", cfExtPri, cfHdrFlush;dur=30
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657faf07d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 8464
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 email-decode.min.js Show response
offer.kingarnerstore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 97ms
86ms Script
application/javascript 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675fc4cd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B17HrT%2Flo55klW9Hr6pIISt3TPwpX%2Bd%2Bd3ue2HS6TnFZG%2B0ahuvemGywg9XXNnvHCY%2BLy%2Bo4LxyVrTL77FpR1Y98PhKEeKxrWZ0gkmltxAFPqjrHXtr%2FlGi9Z%2BF9lFF3hFV%2BCAtOlZaDLSw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f9f1657fad37d9a-TLV
expires: Wed, 01 Jan 2025 03:54:13 GMT
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 jquery-3.5.1.min.js Show response
offer.kingarnerstore.com/assets/js/article/ 88 KB
31 KB 745ms
733ms Script
application/javascript 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/js/article/jquery-3.5.1.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b3b6491e32bc1e24d999fd1360e766ff2d48a3354bdcf3583e1c37a57e9e5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"651c1d2f-15f5e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46LcAADXXEzEyHuoL7yiUIRKlhZmk%2FIQncSQ%2Bqq6ileHVyIUET8JzDTcc0464iPLF2dqw0UR4InV806J6RqrsxYZ6X7vnVoJJMYfMGWHbX%2BeIT0TIr4gqeqbjH7ioz%2BOhICzDdzjSUf%2FOLk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79702&min_rtt=75397&rtt_var=2783&sent=235&recv=95&lost=0&retrans=0&sent_bytes=227841&recv_bytes=46788&delivery_rate=437852&cwnd=96000&unsent_bytes=0&cid=ae4942760128edb8&ts=1172&x=1", cfExtPri, cfHdrFlush;dur=17
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 03 Oct 2023 13:54:55 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fad57d9a-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 math.js Show response
offer.kingarnerstore.com/assets/js/checkout/ 664 KB
177 KB 763ms
751ms Script
application/javascript 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/js/checkout/math.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4308940f822561d4610f91d515c51c7020e49984da9c542252c9826776e0a134

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6405c7b6-a5e33"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOz%2BOH5y6KkEquctfKrUtIpYoMl63JD4LWQ2Cn%2Bpk8PwC0NCyrooE0Huk%2B1o%2BVLG7isnUiWIAHIIPhtMAMGj%2FN978mBzRhNyF1%2F12Zi%2FclQTh1zUBUvDVeCFeO0RVEVPfCJcRR2rfjESYBM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79702&min_rtt=75397&rtt_var=2783&sent=235&recv=95&lost=0&retrans=0&sent_bytes=227841&recv_bytes=46788&delivery_rate=437852&cwnd=96000&unsent_bytes=0&cid=ae4942760128edb8&ts=1168&x=1", cfExtPri, cfHdrFlush;dur=39
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 Mar 2023 11:00:06 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fad77d9a-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/ 79 KB
23 KB 400ms
127ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://offer.kingarnerstore.com
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"13bb5-zUKjci8NkL/tAMsum+NysHqoVi8"
age: 2253018
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230132-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23485
x-jsd-version: 5.0.0-beta1

GET
H3 200 codebase.min.js Show response
offer.kingarnerstore.com/assets/dist/ 164 KB
46 KB 805ms
794ms Script
application/javascript 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/dist/codebase.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d003f8b2018ff1ad84f86217e69f5f178ff201da83c742b2769932845f2f4c42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6405c7b6-28fa4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jP7iP32Cg8LQpWoEoRdmRO1dmDl%2BL%2BjjNjpbhu2Vr4HGYSwY4tf1BQAhwecIIow%2BjhTDRqpnGEAvzjA6mAYXZVBzNURne7Dan9upQLCKruQf%2FcqBDCgGnP3Sb19Ohscb3MumtrogUNUNmE4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78255&min_rtt=75397&rtt_var=1824&sent=364&recv=105&lost=0&retrans=0&sent_bytes=377124&recv_bytes=48337&delivery_rate=1186486&cwnd=158400&unsent_bytes=0&cid=ae4942760128edb8&ts=1241&x=1", cfExtPri, cfHdrFlush;dur=10
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 Mar 2023 11:00:06 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fad87d9a-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 checkout.js Show response
offer.kingarnerstore.com/assets/js/checkout/ 23 KB
8 KB 271ms
260ms Script
application/javascript 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/js/checkout/checkout.js?v=1735530852

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d74e0e7b7e3273d6cadc717b048d05d7051d323a2ae1d72a1ab104f8ba534127

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"654b4968-5dcd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrItS7Uhi%2FP2HzzeURUC8xtB%2Fbrfy9mGGrmC%2FYz3%2Bj8SXAzzllElRc83B%2Bkb%2BjIiYtEuKkha4GSvM92htKoKDvrj2k%2FJ1OMo%2BBVp9l2T2Yy0wHwBL30W3kxej7BJ6%2Fc0DxOAmVKurQ2xr70%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77793&min_rtt=75397&rtt_var=13596&sent=25&recv=49&lost=0&retrans=0&sent_bytes=5741&recv_bytes=44771&delivery_rate=13298&cwnd=12000&unsent_bytes=0&cid=ae4942760128edb8&ts=716&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 08 Nov 2023 08:40:08 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fad97d9a-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 jquery.accordion.js Show response
offer.kingarnerstore.com/assets/js/airvive/ 7 KB
3 KB 589ms
579ms Script
application/javascript 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/js/airvive/jquery.accordion.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b6ec40592dd8249c1be660696cf024d83d55837b22b1c181d8be77319b261f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"660d3f1c-1be9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fam8dv3hli3zj1Us%2FUsEAYMgIism0MV2fsJtXnXKOCLfg041Jv7Wl8f830pzjEWsjhkvwnsetQJQbBQ32JBAvshxHSWQg7fWKzviWr2p6Dj3fZulfHlPoBFtyPdSuWM9X4nmKINv5KCRHHc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=992&x=1", cfExtPri, cfHdrFlush;dur=44
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 03 Apr 2024 11:35:56 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fada7d9a-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sticky-prospect-script.js Show response
offer.kingarnerstore.com/assets/extensions/stickyProspect/js/ 3 KB
1 KB 532ms
522ms Script
application/javascript 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/extensions/stickyProspect/js/sticky-prospect-script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64517cddfdcc07b28dee15553a2db60b1616f78ab7fabee6a1ba8c64ca8b7655

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f2d7d4-da4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQDaQ%2BJLIlfda7ZKh4PXyCC2HUYonzWRKx04V1NkFk%2BaIQNFF4tW7ICNluNiKF8V2lHSYHKer5NbDGPX4S3ROzB8r6wkkOwv4aBCIDBrRmLKiI0%2B9EdkzBbZJYzvaUOmhl%2F9rjg2RX6xRtk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=90&recv=72&lost=0&retrans=0&sent_bytes=75858&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=978&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 15:16:36 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f1657fadb7d9a-TLV
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Graphik-Regular.woff2
offer.kingarnerstore.com/assets/fonts/yumi/ 37 KB
37 KB 796ms
795ms Font
font/woff2 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/fonts/yumi/Graphik-Regular.woff2

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c27caaaacf7943655883e28a3bc2fb31f05236a9c5be850fcc496b208b1769

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://offer.kingarnerstore.com
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "65e0972d-928c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82LLIKDxFYNXql2BSoVa3x3Dv5JtReMteQy1D2SrNYdK0m9biJV2mDT9zNAjqckhzHyAmHItOWluA5sREV5L8M4k8n4wKejDm7hIkVoktDf8oZijCyRvNOmt%2FLr6CnGsvFYUVCyZNhY1WHA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78255&min_rtt=75397&rtt_var=1824&sent=364&recv=105&lost=0&retrans=0&sent_bytes=377124&recv_bytes=48337&delivery_rate=1186486&cwnd=158400&unsent_bytes=0&cid=ae4942760128edb8&ts=1243&x=1", cfExtPri, cfHdrFlush;dur=41
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: font/woff2
last-modified: Thu, 29 Feb 2024 14:39:41 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9f16582b0f7d9a-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37516
server: cloudflare

GET
H3 200 select-d-arw.png
offer.kingarnerstore.com/assets/images/retrofilm/ 985 B
2 KB 592ms
592ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/select-d-arw.png

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e11842bd7732a4bc4b6b35060699fa1b20be8a1533f23a3680f81e5b7e33f2f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "66ec02e2-3d9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSxozEHh4AamgnwORX7cjD6i%2FWVjRGc636kwmlXun06h9cKvhtMTf8%2Fr%2B5vwklkiYYQEyhOacdqzCeESHSzBGF0MfwBXQgeeW4xhiCOLrRwwlNKHoJ112lrI9Labxq7lSPIaNvtUxARMy74%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=995&x=1", cfExtPri, cfHdrFlush;dur=59
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16580af47d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 985
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 comon-bdr2.png
offer.kingarnerstore.com/assets/images/retrofilm/ 2 KB
2 KB 591ms
590ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/comon-bdr2.png

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

929ae5e56c56fb9e15bfa3eccde6cf40f8979aa7a34fa11a405fc3b03f71e015

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "66ec02e2-666"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCtK4QbPuLNGx%2FPwHLCAyckql9lzGFl7G6mjZ5MESYDxZjfsgR9XwEl7N%2BbRwSZRujsx7jHqbYVol%2FORtcKaz7VZRs%2B4vhL%2FWahmuE8VxVsxLjvncAO65xGqJv9GuZT%2B%2B3DdwKB4DvVhFcY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=996&x=1", cfExtPri, cfHdrFlush;dur=58
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16580af57d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1638
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 comon-bdr1.png
offer.kingarnerstore.com/assets/images/retrofilm/ 2 KB
3 KB 590ms
590ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/comon-bdr1.png

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

985a690ca033a292c2ccc8715f5eacfff6e2341700b5a218b1ebbd7d848a9183

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "66ec02e2-6c9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EuNhf8f8l47e6yOXkZK%2B8b2nShba95wmwCqvrKwu4lxrv%2FRw2LMXvj3khJEe9u%2Fpg17MCEm5q9zXPjkxpyy1A9ybnGp%2FqRJKktKYJpCI6rPKAtazIfmD738KGRPLS90iR39nagqk%2BK7efeE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=1010&x=1", cfExtPri, cfHdrFlush;dur=45
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16580af77d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Graphik-Bold.woff2
offer.kingarnerstore.com/assets/fonts/yumi/ 39 KB
40 KB 740ms
739ms Font
font/woff2 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/fonts/yumi/Graphik-Bold.woff2

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91c54fcea75be03571534d0c44b950ee3053e44ee6fec70b8fb654e903a91f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://offer.kingarnerstore.com
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "65e0972d-9ccc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MUCrYgDH%2BIsr82o3PwIf9IVNGGiBtuqJjvcye5r8TJ3WW0TBYIC9PsjsqxDLOvFhAo68MiGgurEjmUPh47wfd2BykHC6PdyDiqF0mcP%2FPNWrAnlIE6f9NBv%2FbRhr6lTOD6vm9u7%2B%2FGCf4k%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78255&min_rtt=75397&rtt_var=1824&sent=346&recv=104&lost=0&retrans=0&sent_bytes=355677&recv_bytes=47211&delivery_rate=1186486&cwnd=158400&unsent_bytes=0&cid=ae4942760128edb8&ts=1227&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: font/woff2
last-modified: Thu, 29 Feb 2024 14:39:41 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9f16582b107d9a-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40140
server: cloudflare

GET
H3 200 Graphik-Medium.woff2
offer.kingarnerstore.com/assets/fonts/yumi/ 39 KB
40 KB 797ms
796ms Font
font/woff2 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/fonts/yumi/Graphik-Medium.woff2

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194fb161c5a444a9db37a053bc28a914b838677c2b8ba9f378826641cd2bab53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://offer.kingarnerstore.com
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "65e0972d-9cb8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2B2D3d%2FWLpNVOCp8zxvdvyO9AVvUPQs5wt0t%2BQptoRypkn0z2lENKAq91oBaMzJ0Gx4DFABC4yQRwryhwycUesUP3v4kCGIarUBh%2FjmP%2BUzZtv0X57dWh5aMRXBQv2pf1PSNwazuKLL%2Bwrc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78255&min_rtt=75397&rtt_var=1824&sent=364&recv=105&lost=0&retrans=0&sent_bytes=377124&recv_bytes=48337&delivery_rate=1186486&cwnd=158400&unsent_bytes=0&cid=ae4942760128edb8&ts=1250&x=1", cfExtPri, cfHdrFlush;dur=34
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: font/woff2
last-modified: Thu, 29 Feb 2024 14:39:41 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9f16582b117d9a-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40120
server: cloudflare

GET
H3 200 Graphik-Semibold.woff2
offer.kingarnerstore.com/assets/fonts/yumi/ 39 KB
40 KB 798ms
797ms Font
font/woff2 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/fonts/yumi/Graphik-Semibold.woff2

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9754a4c7aa65973dca2c528d043b45efe4cfb92a27ef5b2e212c3784222b694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://offer.kingarnerstore.com
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "65e0972d-9cf4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyTxa2GCOygfbzfy%2BbGI%2BRWvaE82Ga%2BTUYEict4V61NXC6ELZyUrihK%2BYrwA6Jje5UixYULFeZiWYii8O1qi0hOACOpmXMHObU1WLSkkM2OpXTgKrnSzhK8o9P%2Bsy5qhGz56xY3PL5ygMJQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78065&min_rtt=75397&rtt_var=1748&sent=381&recv=106&lost=0&retrans=0&sent_bytes=395841&recv_bytes=48383&delivery_rate=961999&cwnd=168000&unsent_bytes=0&cid=ae4942760128edb8&ts=1255&x=1", cfExtPri, cfHdrFlush;dur=29
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: font/woff2
last-modified: Thu, 29 Feb 2024 14:39:41 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9f16582b127d9a-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40180
server: cloudflare

GET
H3 200 Graphik-MediumItalic.woff2
offer.kingarnerstore.com/assets/fonts/yumi/ 42 KB
42 KB 798ms
797ms Font
font/woff2 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/fonts/yumi/Graphik-MediumItalic.woff2

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cc4f6be860155964343e2615b16934d13d2d7bb8b8e5999f3329e15df841e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://offer.kingarnerstore.com
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "65e0972d-a700"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWsG20vzJkzIoaOUf7LOPHBwq6bvxr9E6Jy23eRPemcgvBT2Z5RAdiPacEjEiea00mMQP9LedAFUpMWkdmbaim1Dmzg4KEhkUJC0LuDYgbk0x77NJOdy4rVtOReYMugTsWmAY%2FeSNXFSRUg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78255&min_rtt=75397&rtt_var=1824&sent=364&recv=105&lost=0&retrans=0&sent_bytes=377124&recv_bytes=48337&delivery_rate=1186486&cwnd=158400&unsent_bytes=0&cid=ae4942760128edb8&ts=1245&x=1", cfExtPri, cfHdrFlush;dur=39
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: font/woff2
last-modified: Thu, 29 Feb 2024 14:39:41 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9f16582b137d9a-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42752
server: cloudflare

GET
H3 206 vid2.mp4
offer.kingarnerstore.com/assets/images/skylink/ 46 KB
0 569ms
568ms Media
video/mp4 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/vid2.mp4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: MISS
etag: "66ec02e2-34aac0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mbb02lHvmjZVUy0q%2B38CAFrTJaydilR1SVEIGALrLJZQ4LZ%2Fd579twrVPDZ16bYE55z5IjHzY7LDrlbhH4gcG06pQO3ApEXMAxhgHnmHJTeeuDE1RwKpp1sPlnToTcmbBbaEo3gnph7va%2FU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=1016&x=1", cfExtPri, cfHdrFlush;dur=39
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: video/mp4
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-3451583/3451584
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16583b157d9a-TLV
permissions-policy: interest-cohort=()
Content-Length: 3451584
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s3-lst-arw.png
offer.kingarnerstore.com/assets/images/retrofilm/ 1 KB
2 KB 568ms
567ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/s3-lst-arw.png

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a98add297bf1dae4c60dbfabcfaa2d96dd8c6fd27c0d9f031861b8bff1c26453

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "66ec02e2-41f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DASd5cAFbeZ0ku91iQlNi2Xt0xzmjiv9Oho2dq4VYY4WT4UsCR7KgzSplNnKB3D1BtPGQ5s2h18q9ZUGzxcdgSAYziInKw4pj17V9SKqQsZid24W%2BW%2Fam5hwOukyUwNHIm1PA85cfMEJSiM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=986&x=1", cfExtPri, cfHdrFlush;dur=69
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16583b167d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 close-btn.png
offer.kingarnerstore.com/assets/images/retrofilm/ 966 B
2 KB 568ms
567ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/close-btn.png

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f390571fdc97ea292fd4a455e2404af98d34784255706f7ce0bc99dd1f42348

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "66ec02e2-3c6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1YdHPuBJsybAMhEB3axOj8y2zVpvFzxJ4tTTmp2%2Bux%2FDONXblLLnkj6rhdZmXaSNZ2h2FtDb4YMcdjNsS96hCoqRPD8BK%2FwsnaI8G86jH94eb5LxuwNjo3rojG4Dck3ZdAm4kNw7d2l9sg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=1021&x=1", cfExtPri, cfHdrFlush;dur=34
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16583b177d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 966
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 s5-bdr-img.png
offer.kingarnerstore.com/assets/images/retrofilm/ 2 KB
2 KB 568ms
567ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/s5-bdr-img.png

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76eb4dc348b18e2fee20e0248772c0e58fec4b8a97d7bb9aa1367a8679d227c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "66ec02e2-660"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTI%2BFuK9%2Fu0N844fo7l54u%2FMvL1By5kICh5DL%2FG1vxvDcCzz2oRiacEHlcVS%2Bat5ASJPGoV%2FXUcgM3QhXhdLWIRuUzetmXio8rPAvF8800M4U%2BwXy3emkPROLdu4L0NLsJU%2B8c3rgniuqUE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79253&min_rtt=75397&rtt_var=6388&sent=100&recv=72&lost=0&retrans=0&sent_bytes=85041&recv_bytes=45766&delivery_rate=340000&cwnd=30000&unsent_bytes=0&cid=ae4942760128edb8&ts=994&x=1", cfExtPri, cfHdrFlush;dur=61
date: Mon, 30 Dec 2024 03:54:13 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16583b187d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 1632
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
analytics.google.com/g/ 0
0 346ms
133ms Fetch
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LRKY75Q8Z8&gtm=45je4cc1v9180574355za200&_p=1735530853067&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1097191099.1735530854&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1735530853&sct=1&seg=0&dl=https%3A%2F%2Foffer.kingarnerstore.com%2Fskylink%2Fget-skylink%2F%3Fs%3Dx%26h%3D328074652%26o%3D556%26a%3D700005%26t%3DIV%26c1%3D53995_17908870_11_2397_25%26c2%3DbpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg%26c3%3Dwst&dr=https%3A%2F%2Fwww.marikano.com%2F&dt=Get%20Skylink&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2878
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRKY75Q8Z8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://offer.kingarnerstore.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 03:54:14 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
551 B 419ms
141ms Ping
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LRKY75Q8Z8&cid=1097191099.1735530854&gtm=45je4cc1v9180574355za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRKY75Q8Z8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://offer.kingarnerstore.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 03:54:14 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 295F 0
0 408ms
141ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-LRKY75Q8Z8&gacid=1097191099.1735530854&gtm=45je4cc1v9180574355za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=394697663

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRKY75Q8Z8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Dec 2024 03:54:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
408 B 405ms
137ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LRKY75Q8Z8&cid=1097191099.1735530854&gtm=45je4cc1v9180574355za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=154817594

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 30 Dec 2024 03:54:14 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 206 vid2.mp4
offer.kingarnerstore.com/assets/images/skylink/ 171 KB
172 KB 612ms
611ms Media
video/mp4 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/vid2.mp4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a0b74f163da763c42ae0318804e07fcd5b59b4ca9163638d62a847e16b6ed4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=3276800-

Response headers

cf-cache-status: HIT
etag: "66ec02e2-34aac0"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2vpKelNPoT5ogC7Sg7TcA6YMrti6pb7CdGAjksG11VdTOdpfipwA%2BTPrltfMl11xaGOmNklT%2BdIKCXFKe08zQ1vP6BwsKYu6e%2BUjCYWwW9FeoiFrkOiy0%2BkdF4SPhxp0l1bJqABsJrS0h4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76797&min_rtt=75397&rtt_var=568&sent=903&recv=175&lost=0&retrans=0&sent_bytes=1004590&recv_bytes=52507&delivery_rate=2032657&cwnd=350400&unsent_bytes=0&cid=ae4942760128edb8&ts=1760&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:14 GMT
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 3276800-3451583/3451584
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f165c5ce37d9a-TLV
permissions-policy: interest-cohort=()
Content-Length: 174784
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 open-btn.png
offer.kingarnerstore.com/assets/images/retrofilm/ 931 B
2 KB 241ms
240ms Image
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offer.kingarnerstore.com/assets/images/retrofilm/open-btn.png

Requested by

Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

492c9a2561581b3855665e4bc504273922554d64967f1e3f063c03e7e7868138

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/assets/css/skylink/get-style.css

Response headers

cf-cache-status: MISS
etag: "66ec02e2-3a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4fNdXX8R2E1G2RB2o6qm1nfXWfUAed9qDAongtxCRFQHmklCDwbzmixj84V4gEV765wnMdP35FkE9pyCXAhtR1uPivAQzTL8INqZILkkt9cKsStTrvfEex1alZeMXQ%2F9sTydQfpQMjlG%2Bc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76797&min_rtt=75397&rtt_var=568&sent=1053&recv=175&lost=0&retrans=0&sent_bytes=1184317&recv_bytes=52507&delivery_rate=2032657&cwnd=350400&unsent_bytes=0&cid=ae4942760128edb8&ts=1762&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:14 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f165eade57d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 931
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 206 vid2.mp4
offer.kingarnerstore.com/assets/images/skylink/ 3 MB
0 0ms
0ms Media
video/mp4 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/vid2.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

cf-cache-status: HIT
etag: "66ec02e2-34aac0"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2vpKelNPoT5ogC7Sg7TcA6YMrti6pb7CdGAjksG11VdTOdpfipwA%2BTPrltfMl11xaGOmNklT%2BdIKCXFKe08zQ1vP6BwsKYu6e%2BUjCYWwW9FeoiFrkOiy0%2BkdF4SPhxp0l1bJqABsJrS0h4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76797&min_rtt=75397&rtt_var=568&sent=903&recv=175&lost=0&retrans=0&sent_bytes=1004590&recv_bytes=52507&delivery_rate=2032657&cwnd=350400&unsent_bytes=0&cid=ae4942760128edb8&ts=1760&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 03:54:14 GMT
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
content-type: video/mp4
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 32768-3451583/3451584
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f165c5ce37d9a-TLV
permissions-policy: interest-cohort=()
Content-Length: 3418816
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 favicon.png
offer.kingarnerstore.com/assets/images/skylink/article/ 716 B
2 KB 242ms
241ms Other
image/png 104.21.87.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.kingarnerstore.com/assets/images/skylink/article/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

277d31164d3829d46239bd76d12fa4c778e8a2177e46747252e6868e3ef91e6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

cf-cache-status: MISS
etag: "66ec02e2-2cc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQZsIq%2Fu0wkWoO6DVIJuBVKiZRzR%2FXTcXaVcrs8BXsrmTwLIqIhPBemAdwjBCet7TrdxBBfAhuZX7oLanNa74viysRURVWKNNGIJs7AI5yd9Z796QEkTcu%2FfrUkBC%2FigZLBN%2BsPsiEyN7%2B4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 03:54:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78486&min_rtt=75397&rtt_var=572&sent=1802&recv=223&lost=0&retrans=0&sent_bytes=2081372&recv_bytes=56860&delivery_rate=4157741&cwnd=544800&unsent_bytes=0&cid=ae4942760128edb8&ts=2030&x=1", cfExtPri, cfHdrFlush;dur=14
date: Mon, 30 Dec 2024 03:54:14 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 10:54:26 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f9f16606ead7d9a-TLV
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 716
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 script.js Show response
cdnstat.net/get/ 129 B
882 B 436ms
153ms Script
text/javascript 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstat.net/get/script.js?referrer=https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst
Requested by: Host: offer.kingarnerstore.com
URL: https://offer.kingarnerstore.com/assets/js/article/jquery-3.5.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.kingarnerstore.com/skylink/get-skylink/?s=x&h=328074652&o=556&a=700005&t=IV&c1=53995_17908870_11_2397_25&c2=bpytFIDWDukxPFVzWmGGWKkKJKTRkjDQizjpKcaXgnmHQMrYKURGJvAxbIjEdKlPg&c3=wst

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfIkJT1EHkmt47AlFE3Lonqh9ObHfFSsqtSSwwtQylQpuy1csroJtZMnk229cBnqHghYSuSpQBIc939FoNAPPUHlcYTanVOp19qFlX0s8i5%2BQhK0KaPK1tdoXNCWGg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=52555&min_rtt=52553&rtt_var=19712&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3977&recv_bytes=2453&delivery_rate=73496&cwnd=252&unsent_bytes=0&cid=4842c52fb9bc2f24&ts=167&x=0"
date: Mon, 30 Dec 2024 03:54:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With,content-type
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f9f1664ef1bdcc9-FRA
access-control-allow-origin: https://offer.kingarnerstore.com
x-powered-by: PHP/8.2.1
server: cloudflare

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
offer.kingarnerstore.com/skylink/get-skylink	1970-01-21 02:06:10	Name: PHPREFS Value: full
www.marikano.com/rd	1969-12-31 23:59:59	Name: test Value: test
.marikano.com/	1969-12-31 23:59:59	Name: uid556 Value: 328074652-20241229215410-8f65b16df378e8a6bece9614e1530fb1-59
offer.kingarnerstore.com/	1970-01-21 02:05:38	Name: XSRF-TOKEN Value: eyJpdiI6InM2aEU2Q0xoQksrWThOanloUXFHOGc9PSIsInZhbHVlIjoiazIwWjExenJHY3J6S3VaRWFFUHM2MEU0VFJpdXpucXhXT1lnTjRCUDA2LzFDN05DSnZ0bkIrZzhzK3RERlpBMERDMWpiWXF3ZnZPQUtVZEZFaktHeDB6TFYralQ4aXk0QnhJVjduSFdNaHllaVR4ODR3T0dOaHpEYjBzOTkrTSsiLCJtYWMiOiJhZjdmNTA3NjY1NTE4YWQyYTk3Yzg0ODc2MTM5NzlkZmUxM2RhYjAyOTZhZDg0YjYzOTJmZDM3YzBmYzU0MDVlIiwidGFnIjoiIn0%3D
offer.kingarnerstore.com/	1970-01-21 02:05:38	Name: laravel_session Value: eyJpdiI6IndpN0t1MUlMOVg3elRzQTYzcUJnN2c9PSIsInZhbHVlIjoiVFVsV2MvVUFKenUzZnp5Vk1QZHNneGp6SHVFNjZ1VkdOMkZ2OUZWdFlqc3lZOVowYjB2RHFQRWFCZ0tycjQ2WTR2ejR5QXpJR0xQUG5iaGhRQ3VhM3FWMHRjVmJkSVdqcEwxSUlLVGEvWnJadzBWVGZST0x5aENQS2pYRVVyQ3UiLCJtYWMiOiI5NGY1MDAwNWI5N2Q4ZjkxM2M5NmVmZWEwYWI5OGFlYTZhODFhNDcxZTUwMmYzZDZlMDczYzE3NGU0NjY0MmU2IiwidGFnIjoiIn0%3D
.kingarnerstore.com/	1970-01-21 11:41:30	Name: _ga Value: GA1.1.1097191099.1735530854
.kingarnerstore.com/	1970-01-21 11:41:30	Name: _ga_LRKY75Q8Z8 Value: GS1.1.1735530853.1.0.1735530853.60.0.0
.doubleclick.net/	1970-01-21 02:05:31	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.jsdelivr.net
cdnstat.net
ctiqedsyo0ubymaz58yl2egc.blob.core.windows.net
offer.kingarnerstore.com
stats.g.doubleclick.net
td.doubleclick.net
www.google.co.il
www.googletagmanager.com
www.marikano.com
104.21.16.1
104.21.87.163
108.177.15.155
142.250.185.200
142.250.186.162
151.101.193.229
172.217.18.3
172.232.11.9
20.209.227.97
208.67.248.46
216.239.32.181
089b70532f408b90cdd81e632331bc9a9b327c86ff9d584faec84def160203e7
0f0c50a4139626d8351a7adc02d29c3cffeadbac0a774c82a531d28644450a6c
0f3315434fd9fb2498853b9c46d3e4760d6027adf670d3cf103061afd716b245
0f390571fdc97ea292fd4a455e2404af98d34784255706f7ce0bc99dd1f42348
194fb161c5a444a9db37a053bc28a914b838677c2b8ba9f378826641cd2bab53
210082e5868ac02baafa6910cf9b5a724a49a82d61894fc3d85bec8396adaf8c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
277d31164d3829d46239bd76d12fa4c778e8a2177e46747252e6868e3ef91e6e
2ed54f81dec64848b1f603022e19a8dcedd4273f72b5cbd2697472fdb882d238
2fe362c85863a7062d1f6f3e57b24c1f5ee42f021035efb2fe152172dcf10de9
3b71b19f4323705db98ebbc3e84e9affdd0b4f1b4de0879122c42c5036c9d8d2
3e4a5b3854a52f8eaffa45af03fe981fc2abf3f3b725cad1b603bd468401b119
3efd4c11f14c7ceec7016d4d2c9f0bdf2067a216c60578c0f4b723396476a940
4117f96a12b22ed10975f18fb11c291635a0a92f5f0121641ea188e5858c4b14
4308940f822561d4610f91d515c51c7020e49984da9c542252c9826776e0a134
492c9a2561581b3855665e4bc504273922554d64967f1e3f063c03e7e7868138
54a0b74f163da763c42ae0318804e07fcd5b59b4ca9163638d62a847e16b6ed4
56ef23f536f31fec6897550a22d20eecbabbe9e2b7f1a563d952c885e73cc7df
5a3b56c92b2ca4a908de5fd78d6d758f4ca5399de95f3f1e1afa8ae448bd96b7
5f117747a4b249cd2df7962c6b40bcbc42f75c4b748f0a9628409ad87b0b7784
62b3b6491e32bc1e24d999fd1360e766ff2d48a3354bdcf3583e1c37a57e9e5c
64517cddfdcc07b28dee15553a2db60b1616f78ab7fabee6a1ba8c64ca8b7655
6cc4f6be860155964343e2615b16934d13d2d7bb8b8e5999f3329e15df841e8e
6d4b5b0c50d178db91f61e269cbf8b0fe09f108de787bedcfc190debf013779c
71f9d45f520e2c29bfe10398c31aec05e889de38ea50328c12804764cb4c671b
72625c31df56fecf380612521c726dac48073f592f8605f24fe6a19312ca706a
74c27caaaacf7943655883e28a3bc2fb31f05236a9c5be850fcc496b208b1769
76b6ec40592dd8249c1be660696cf024d83d55837b22b1c181d8be77319b261f
76eb4dc348b18e2fee20e0248772c0e58fec4b8a97d7bb9aa1367a8679d227c8
827666d308a710cf777a499ca6b3da8d7ad500ccaea480a21106785541931aaf
886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698
91c54fcea75be03571534d0c44b950ee3053e44ee6fec70b8fb654e903a91f5a
929ae5e56c56fb9e15bfa3eccde6cf40f8979aa7a34fa11a405fc3b03f71e015
985a690ca033a292c2ccc8715f5eacfff6e2341700b5a218b1ebbd7d848a9183
a57d4a914179de655239d545002d8f233678e4565963ba15f2c2e35c0c0cd470
a792aef8f38f4e63144187017be44d18f149f228301c2b4c0dd64eee801ef40b
a98add297bf1dae4c60dbfabcfaa2d96dd8c6fd27c0d9f031861b8bff1c26453
b3ddd6fdc587a6f485a34cf318c4a11db8e82865443e0978ab98fe77bff7aa98
bff4b48cd24e617e2c1f560b5c2a497e36404486ad944d278553b0cf53c45964
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
c7a5027f32eb6102f2bde9d5c96d2f3b6d0872e9bb059c55e852298c0d76fbbc
d003f8b2018ff1ad84f86217e69f5f178ff201da83c742b2769932845f2f4c42
d3c0ebec0d6799488e77cab92792d19d154cb6b7b835dea5065556881b37e1ce
d74e0e7b7e3273d6cadc717b048d05d7051d323a2ae1d72a1ab104f8ba534127
e11842bd7732a4bc4b6b35060699fa1b20be8a1533f23a3680f81e5b7e33f2f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9754a4c7aa65973dca2c528d043b45efe4cfb92a27ef5b2e212c3784222b694
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4466636f99dac1f8f06798cfc25166063e284ff97efb79d6559c4d726b21b8a
f5e445c5d41b9a63efca05196442993819949ea8b83ea13bbc53626e5a95d59f

offer.kingarnerstore.com Open in urlscan Pro 104.21.87.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

0 %IPv6

9 Domains

10 Subdomains

10 IPs

2 Countries

1387 kBTransfer

5788 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offer.kingarnerstore.com Open in urlscan Pro
104.21.87.163 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

1387 kB
Transfer

5788 kB
Size

8
Cookies

58 HTTP transactions
0 data transactions